> > <Location /agenda/> > > SetHandler perl-script > > PerlHandler Apache::Agenda > > > > PerlSetVar AgendaPath /agenda > > PerlSetVar AgendaTemplate default.inc > > PerlSetVar AgendaSessionDir /tmp > > PerlSetVar AgendaLoginScript /agenda/login/ > > Are you sure that last line is correct? > > That would send you to /agenda/login when authen_ses_key() fails, but > your config below is for /LOGIN/. > > > <Location /LOGIN/> > > AuthType Apache::AuthCookieAgenda > > AuthName Agenda > > SetHandler perl-script > > PerlHandler Apache::AuthCookieAgenda->login > > </Location> > > This implies to me that you meant to have: > > PerlSetVar AgendaLoginScript /LOGIN/ > > Is this just a typo? > > > I used Apache::Session::Counted, and know that this two modules may > > conflict, but when all Apache::Session::Counted staff is commented > > result is the same... > > I dont think they conflict. I've not heard any reports of that anyway. > The cookie names are unique so there should be no problem there. > > > I dont know why cookie is not set. > > I'd suspect something isnt right with your configuration. Have you > tried turning on "warn me before accepting cookies" on your browser? > Sometimes that helps me verify that the cookies are actually making it > to the browser. > > What your trying to do looks to me like exactly the sort of thing > AuthCookie can do. Unless I am misunderstanding your problem I > dont see an AuthCookie limitation here. Please explain in more > detail if I am missing the point and I will see what we can do if > such a limitation does in fact exist :). > > Regards, > Michael Schout (Apache::AuthCookie maintainer)
<Location /agenda/> SetHandler perl-script PerlHandler Apache::Agenda PerlSetVar AgendaPath /agenda PerlSetVar AgendaTemplate default.inc PerlSetVar AgendaSessionDir /tmp PerlSetVar AgendaLoginScript /agenda/login/ ..... </Location> <Location /LOGIN/> AuthType Apache::AuthCookieAgenda AuthName Agenda SetHandler perl-script PerlHandler Apache::AuthCookieAgenda->login </Location> Problem was here - AgendaPath variable is set in /agenda.* location /LOGIN/ script, which set session key cookie header, doesn't see AgendaPath, therefore Cookie was a Apache::AuthCookieAgenda_Agenda=login:password variable path=/agenda was omitted. Explorer 6.0 doesn't set cookie without path attribute. I think, it's a good idea to make WhatEverPath required option in config. with config PerlSetVar AgendaPath /agenda <Location /agenda> SetHandler perl-script PerlHandler Apache::Agenda PerlSetVar AgendaSessionDir /tmp PerlSetVar AgendaLoginScript /agenda/login/ ..... </Location> <Location /agendalogin/> AuthType Apache::AuthCookieAgenda AuthName Agenda SetHandler perl-script PerlHandler Apache::AuthCookieAgenda->login </Location> all works fine. Actually, as my application should be 1. simple maintained, 2. maximum count of users - 100 (employees in small software development company) 3. simultaneous login - 5-7 maximum 4. team managers work with money (project budjet, employee's payment per hour and etc) 5. good session solutions require database access while all, what I want to store in sessions, can get from the same database with no great effort I've decided to use simplest authentication module kinda Apache::DBILogin and if someone need real security - SSL. Thank you -------------------------------------------- Sergey Polyakov aka "BeerBong" Chief of WebZavod http://www.webzavod.ru Tel. +7 (8462) 43-93-85 | +7 (8462) 43-93-86 mailto:[EMAIL PROTECTED]