On Thu, 27 Feb 2003, Bill Moseley wrote: > On Thu, 27 Feb 2003, Perrin Harkins wrote: > > > Jean-Michel Hiver wrote: > > > Yes, but you're then making the authorization layer inseparable from > > > your applicative layer, and hence you loose the interest of using > > > separate handlers. > > > > It's pretty hard to truly separate these things. Nobody wants to use > > basic auth, which means there is a need for forms and handlers. Then > > you have to keep that information in either cookies or URLs, and there > > is usually a need to talk to an external data database with a > > site-specific schema. The result is that plug and play auth schemes > > only work (unmodified) for the simplest sites. > > Anyone using PubCookie? > > http://www.washington.edu/pubcookie/
All C, no? - nick -- ~~~~~~~~~~~~~~~~~~~~ Nick Tonkin {|8^)>