> All, > > I'm about to replace the authentication mechanism that > our web site uses. However I wanted to sanity check my > thought process. > > Is it possible to have an Authen handler sitting on > certain areas of a site, and if a user isn't logged in > (i.e. doesn't have an auth session cookie) we present > them with a form. (I can do this, but the next bit is > new to me). Then when they send their details, i.e. > username and password, they go over an SSL connection, > which provided they are correct, then shows the page > the user originally wanted? > > Basically I have a mechanism working that does this > without the SSL, but can I update it to use an SSL > connection for the login form submit? > > Marty >
see Apache-AuthCookie I believe everything you want is implemented in this package -- Report problems: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
