> >     <Location  /agenda/>
> >       SetHandler perl-script
> >       PerlHandler Apache::Agenda
> >
> >       PerlSetVar AgendaPath /agenda
> >       PerlSetVar AgendaTemplate default.inc
> >       PerlSetVar AgendaSessionDir /tmp
> >       PerlSetVar AgendaLoginScript /agenda/login/
>
> Are you sure that last line is correct?
>
> That would send you to /agenda/login when authen_ses_key() fails,
but
> your config below is for /LOGIN/.
>
> >     <Location /LOGIN/>
> >       AuthType Apache::AuthCookieAgenda
> >       AuthName Agenda
> >       SetHandler perl-script
> >       PerlHandler Apache::AuthCookieAgenda->login
> >     </Location>
>
> This implies to me that you meant to have:
>
> PerlSetVar AgendaLoginScript /LOGIN/
>
> Is this just a typo?
>
> > I used Apache::Session::Counted, and know that this two modules
may
> > conflict, but when all Apache::Session::Counted staff is commented
> > result is the same...
>
> I dont think they conflict.  I've not heard any reports of that
anyway.
> The cookie names are unique so there should be no problem there.
>
> > I dont know why cookie is not set.
>
> I'd suspect something isnt right with your configuration.  Have you
> tried turning on "warn me before accepting cookies" on your browser?
> Sometimes that helps me verify that the cookies are actually making
it
> to the browser.
>
> What your trying to do looks to me like exactly the sort of thing
> AuthCookie can do.  Unless I am misunderstanding your problem I
> dont see an AuthCookie limitation here.  Please explain in more
> detail if I am missing the point and I will see what we can do if
> such a limitation does in fact exist :).
>
> Regards,
> Michael Schout (Apache::AuthCookie maintainer)

   <Location  /agenda/>
      SetHandler perl-script
      PerlHandler Apache::Agenda
      PerlSetVar AgendaPath /agenda
      PerlSetVar AgendaTemplate default.inc
      PerlSetVar AgendaSessionDir /tmp
      PerlSetVar AgendaLoginScript /agenda/login/
      .....
   </Location>

   <Location /LOGIN/>
       AuthType Apache::AuthCookieAgenda
       AuthName Agenda
       SetHandler perl-script
       PerlHandler Apache::AuthCookieAgenda->login
    </Location>

Problem was here - AgendaPath variable is set in /agenda.* location
/LOGIN/ script, which set session key cookie header, doesn't see
AgendaPath, therefore Cookie was a
Apache::AuthCookieAgenda_Agenda=login:password
variable path=/agenda was omitted. Explorer 6.0 doesn't set cookie
without path attribute.
I think, it's a good idea to make WhatEverPath required option in
config.

with config

   PerlSetVar AgendaPath /agenda

   <Location  /agenda>
      SetHandler perl-script
      PerlHandler Apache::Agenda
      PerlSetVar AgendaSessionDir /tmp
      PerlSetVar AgendaLoginScript /agenda/login/
      .....
   </Location>

   <Location /agendalogin/>
       AuthType Apache::AuthCookieAgenda
       AuthName Agenda
       SetHandler perl-script
       PerlHandler Apache::AuthCookieAgenda->login
    </Location>

all works fine.

Actually, as my application should be
1. simple maintained,
2. maximum count of users - 100 (employees in small software
development company)
3. simultaneous login - 5-7 maximum
4. team managers work with money (project budjet, employee's payment
per hour and etc)
5. good session solutions require database access while all, what I
want to store in sessions, can get from the same database with no
great effort

I've decided to use simplest authentication module kinda
Apache::DBILogin and if someone need real security - SSL.

Thank you
--------------------------------------------
Sergey Polyakov               aka "BeerBong"
Chief of WebZavod     http://www.webzavod.ru
Tel. +7 (8462) 43-93-85 | +7 (8462) 43-93-86
mailto:[EMAIL PROTECTED]



Reply via email to