"Arnel Estanislao" <[EMAIL PROTECTED]> wrote:
>Hello,
>
>I sent this email out yesterday, but it didn't seem to reach the list. My
>apologies if you get this twice.
>
>Is there a "best way" to accomplish the following user registration/login
>system:
>
>- User attempts to visit a password-protected section of the site.
>- If user is not yet authenticated (using DBI/DBD::Pg), user is redirected
>to a login/registration page. (We are NOT using Basic authentication).
>- User logs in or registers.
>- User is given a session key and is taken to the URL they were originally
>trying to visit.
>- Session expires after X amount of time.
>
>We're thinking about using "Authen::Ticket" or "Apache::AuthCookie", but
>wanted to get some real-world validation of our approach, or find out about
>other modules that have been used to successfully implement the above.
Please be aware that Authen::Ticket is still considered in development.
The documented API is subject to minor changes in upcoming releases,
which means if you upgrade the module, check the Changes file.
However, it does provide for easy session expirations and can do all
the other things in the bulleted list.
--
James Smith <[EMAIL PROTECTED]>, 409-862-3725
Texas A&M CIS Operating Systems Group, Unix
