Hi Michael -- > My question basically centers around the best way to protect > the "only > if you login" pages. I was thinking of putting them in their own > directory and protecting them with a tiny PerlAuthzHandler, > which would > scatter scripts of the same nature in two separate places (i.e. for > comments, view->create->post), or protect the entire site with a > PerlAuthzHandler that has a table of all of the "only if you login" > pages, which has the drawback of having to change the handler > every time > I add a new script. Are there any other/better ways to do this?
Using the directory structure is a good way to solve this problem. It is the way Apache likes to work. Most of Apache's internal systems are oriented towards directory paths -- ".htaccess", <Location>, <Directory>, etc. As a result, there are plenty of facilities for managing security in this fashion. HTH, -Jesse- -- Jesse Erlbaum The Erlbaum Group [EMAIL PROTECTED] Phone: 212-684-6161 Fax: 212-684-6226
