I've been using Apache::AuthCookie, and it's great, but just from
playing with it briefly I see some apparent issues. For one thing
I didn't find an obvious way to delete a session from the database.
It relies on the browser to delete the session key cookie. Right now,
my MSIE is not deleting that cookie for some reason, while Netscape is,
so I can't "log out" using MSIE.
I don't know if anyone else has noticed this or if there's some easy
way to fix it, but I want to use this in a production environment.
Unless someone else is working on this, I'll have to fix it somehow,
whether or not it's code anyone else would dare run on their server.
I'm also wondering how possible it would be to add an option to use
the browser's "basic" login dialog box instead of having to create an
HTML page for it. It's something else I'm thinking of trying to do,
but again I'd like to know if anyone else is either working on it or
knows some reason not to.
This module seems to be a tremendously useful tool for any site that
needs authentication. Its next maintainer will earn my gratitude and
whatever asistance I'm capable of.
Adam
On Jan 24 Bruce W. Hoylman wrote
"Ken" == Ken Williams [EMAIL PROTECTED] writes:
make a new module with a new name, since some of my changes have
changed the interface, or usurp the Apache::AuthCookie module and
provide a clear stepwise migration path? Doug said he'd be willing
to make me the maintainer.
My vote is for 'usurption'. I use this module alot and I too have seen
the need for changes. I think it best to go forward with the current
module and namespace conventions for continuity at my site.
You do good work, Ken. I look forward to seeing what you have done with
this very useful module.
Peace.
