On Nov 26, 2007 6:12 PM, Alexander Burrows <[EMAIL PROTECTED]> wrote: > Alright I have been sitting on the side lines of learning anything new about > mod_perl for too long. So I hope I've come to the right place to get brushed > up on things.
You have. Welcome! I don't write a lot of auth handlers, but here are some quick observations on your code: > sub handler { > my $r = Apache::Request->new(shift); > > my $cookie = Apache::Cookie->fetch(); > > my %auth = $cookie->{'auth'}->value(); > > unless ( $auth{'id'} ) { > $r->headers_out->set(Location => '/sys-bin/login.cgi'); > $r->status(REDIRECT); Make sure you imported the REDIRECT constant. > return REDIRECT; > exit 1; Don't use exit in mod_perl. You don't want to shut down the web server. I assume you're using apache 1.3 here, because you didn't use Apache2::Cookie. You will eventually want to do more with the cookie to verify that it came from you. Usually people use some kind of HMAC for this. Also, while I applaud your interest in learning to write custom auth code, your needs sound pretty simple, and I bet you could use an existing apache module for this. - Perrin