Thanks Perrin for the reply. I have seen some mods out there that sound like they will do what I want but as of yet I have not found any god examples of them. I'm one of those people who really needs to see a working practical use of the application as the perldocs tend to be a bit ambiguous to me.
Also what is HMAC? -Alexander Perrin Harkins wrote: > > On Nov 26, 2007 6:12 PM, Alexander Burrows <[EMAIL PROTECTED]> wrote: >> Alright I have been sitting on the side lines of learning anything new >> about >> mod_perl for too long. So I hope I've come to the right place to get >> brushed >> up on things. > > You have. Welcome! > > I don't write a lot of auth handlers, but here are some quick > observations on your code: > >> sub handler { >> my $r = Apache::Request->new(shift); >> >> my $cookie = Apache::Cookie->fetch(); >> >> my %auth = $cookie->{'auth'}->value(); >> >> unless ( $auth{'id'} ) { >> $r->headers_out->set(Location => '/sys-bin/login.cgi'); >> $r->status(REDIRECT); > > Make sure you imported the REDIRECT constant. > >> return REDIRECT; >> exit 1; > > Don't use exit in mod_perl. You don't want to shut down the web server. > > I assume you're using apache 1.3 here, because you didn't use > Apache2::Cookie. > > You will eventually want to do more with the cookie to verify that it > came from you. Usually people use some kind of HMAC for this. > > Also, while I applaud your interest in learning to write custom auth > code, your needs sound pretty simple, and I bet you could use an > existing apache module for this. > > - Perrin > > -- View this message in context: http://www.nabble.com/Auth-Question-need-some-input-tf4878626.html#a13984614 Sent from the mod_perl - General mailing list archive at Nabble.com.