--On Friday, May 26, 2000 10:42 AM -0500 James G Smith <[EMAIL PROTECTED]>
wrote:
> Sergey Ivanyuk <[EMAIL PROTECTED]> wrote:
>> Hi All.
>>
>> I'm trying to implement a real simple authentication scheme, where the
>> login page sets a cookie to the users's browser, and unless the cookie
>> is set, any request beyond the login page gets redirected to login.
>> I've tried the PerlTransHandler, but the cookies aren't available to
>> the handler for some reason. How is something like this normally
>> done? I thought I was on the right track, but apparently that doesn't
>> seem to be right. Thanks in advance.
>
> I would suggest looking at some of the modules available on CPAN that do
> this -- Apache::AuthCookie, for example, which uses the Authentication
> and Authorization phases to do this.
> --
> James Smith <[EMAIL PROTECTED]>, 979-862-3725
> Texas A&M CIS Operating Systems Group, Unix
>
>
I'm simply doing it inside the content handler and it works just fine. If
they don't have a cookie, I jump to a subroutine that presents the login
page (even found a javascript that does MD5 so I'm doing MD5 challenge
response). The ACTION arg in the FORM statement sends them right back to
me with "login" as the path info. I authenticate them, send the cookie,
and using a marvelous bit of magic I discovered in the eagle book, I
include a refresh header back to the original request. It works quit
"spiffy" [sic] and thus I think your content handler is a fine place to
deal with it (assuming, of course, that your application uses a content
handler which is not necessarily always the case).
-- Rob
_ _ _ _ _ _ _ _ _ _
/\_\_\_\_\ /\_\ /\_\_\_\_\_\
/\/_/_/_/_/ /\/_/ \/_/_/_/_/_/ QUIDQUID LATINE DICTUM SIT,
/\/_/__\/_/ __ /\/_/ /\/_/ PROFUNDUM VIDITUR
/\/_/_/_/_/ /\_\ /\/_/ /\/_/
/\/_/ \/_/ /\/_/_/\/_/ /\/_/ (Whatever is said in Latin
\/_/ \/_/ \/_/_/_/_/ \/_/ appears profound)
Rob Tanner
McMinnville, Oregon
[EMAIL PROTECTED]
