Hi First thanks for your answer. > >Date: 14 Jun 2002 12:33:35 -0400 >To: [EMAIL PROTECTED] >From: Vivek Khera <[EMAIL PROTECTED]> >Subject: Re: location of LoginScript in Apache::AuthCookie* modules >Message-ID: <[EMAIL PROTECTED]> > >>>>>> "ED" == Eric Doutreleau <[EMAIL PROTECTED]> writes: > >ED> Right now i would like to make user authenticate throug a SSL >ED> page. >ED> In order to do that i modify the configuration script to use > >ED> PerlSetVar WhatEverLoginScript https://corbeau/perl/login.pl > >Well, in order to be able to get the original location, this has to be >done via an internal redirect. When you switch protocols (ie, from >http to https) you cannot do internal redirect. > I was indeed afraid of that. >But really, your login page doesn't need to be ssl secured as there is >no information in it. What you want is the target of the from in that >page to be aimed at an SSL URL. That's the transaction you want >secured, since that's where the id/password are sent. > Well what i want to secure is the sending of the login/ password. But i don t want at all to send the html pages in sll. Therefore i want to switch on ssl for sending the login and password and switch back to http after when i set the cookie. Is that possible? >-- >=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >Vivek Khera, Ph.D. Khera Communications, Inc. >Internet: [EMAIL PROTECTED] Rockville, MD +1-240-453-8497 >AIM: vivekkhera Y!: vivek_khera http://www.khera.org/~vivek/ > >------------------------------