> > <Location /agenda/>
> > SetHandler perl-script
> > PerlHandler Apache::Agenda
> >
> > PerlSetVar AgendaPath /agenda
> > PerlSetVar AgendaTemplate default.inc
> > PerlSetVar AgendaSessionDir /tmp
> > PerlSetVar AgendaLoginScript /agenda/login/
>
> Are you sure that last line is correct?
>
> That would send you to /agenda/login when authen_ses_key() fails,
but
> your config below is for /LOGIN/.
>
> > <Location /LOGIN/>
> > AuthType Apache::AuthCookieAgenda
> > AuthName Agenda
> > SetHandler perl-script
> > PerlHandler Apache::AuthCookieAgenda->login
> > </Location>
>
> This implies to me that you meant to have:
>
> PerlSetVar AgendaLoginScript /LOGIN/
>
> Is this just a typo?
>
> > I used Apache::Session::Counted, and know that this two modules
may
> > conflict, but when all Apache::Session::Counted staff is commented
> > result is the same...
>
> I dont think they conflict. I've not heard any reports of that
anyway.
> The cookie names are unique so there should be no problem there.
>
> > I dont know why cookie is not set.
>
> I'd suspect something isnt right with your configuration. Have you
> tried turning on "warn me before accepting cookies" on your browser?
> Sometimes that helps me verify that the cookies are actually making
it
> to the browser.
>
> What your trying to do looks to me like exactly the sort of thing
> AuthCookie can do. Unless I am misunderstanding your problem I
> dont see an AuthCookie limitation here. Please explain in more
> detail if I am missing the point and I will see what we can do if
> such a limitation does in fact exist :).
>
> Regards,
> Michael Schout (Apache::AuthCookie maintainer)
<Location /agenda/>
SetHandler perl-script
PerlHandler Apache::Agenda
PerlSetVar AgendaPath /agenda
PerlSetVar AgendaTemplate default.inc
PerlSetVar AgendaSessionDir /tmp
PerlSetVar AgendaLoginScript /agenda/login/
.....
</Location>
<Location /LOGIN/>
AuthType Apache::AuthCookieAgenda
AuthName Agenda
SetHandler perl-script
PerlHandler Apache::AuthCookieAgenda->login
</Location>
Problem was here - AgendaPath variable is set in /agenda.* location
/LOGIN/ script, which set session key cookie header, doesn't see
AgendaPath, therefore Cookie was a
Apache::AuthCookieAgenda_Agenda=login:password
variable path=/agenda was omitted. Explorer 6.0 doesn't set cookie
without path attribute.
I think, it's a good idea to make WhatEverPath required option in
config.
with config
PerlSetVar AgendaPath /agenda
<Location /agenda>
SetHandler perl-script
PerlHandler Apache::Agenda
PerlSetVar AgendaSessionDir /tmp
PerlSetVar AgendaLoginScript /agenda/login/
.....
</Location>
<Location /agendalogin/>
AuthType Apache::AuthCookieAgenda
AuthName Agenda
SetHandler perl-script
PerlHandler Apache::AuthCookieAgenda->login
</Location>
all works fine.
Actually, as my application should be
1. simple maintained,
2. maximum count of users - 100 (employees in small software
development company)
3. simultaneous login - 5-7 maximum
4. team managers work with money (project budjet, employee's payment
per hour and etc)
5. good session solutions require database access while all, what I
want to store in sessions, can get from the same database with no
great effort
I've decided to use simplest authentication module kinda
Apache::DBILogin and if someone need real security - SSL.
Thank you
--------------------------------------------
Sergey Polyakov aka "BeerBong"
Chief of WebZavod http://www.webzavod.ru
Tel. +7 (8462) 43-93-85 | +7 (8462) 43-93-86
mailto:[EMAIL PROTECTED]
