in reply to Cookie based authentication: Is it secure?
There is something you can do to insure security.
Everytime a user logs on, generate a random
number, put it on the user's machine as a cookie.
Hope this helps,
Sinan
At the same time, write the same $random_no to a DB on your server, as well as the user's username. So, you can now identify the user using a temporary id.print "Set-Cookie: temp-id=$random_no; domain=yourdomain.com; expires= +".($now+3600);
Hope this helps,
Sinan
|
---|
In Section
Seekers of Perl Wisdom