go ahead... be a heretic | |
PerlMonks |
(Guildenstern) Re: Re: Answer: How to cause Apache's .htaccess file to run a Perl scriptby Guildenstern (Deacon) |
on Mar 12, 2001 at 19:56 UTC ( [id://63822]=note: print w/replies, xml ) | Need Help?? |
That's a combination that may be hard to work with. The last project that I used authentication and Apache together initially used .htaccess files, but we scrapped that in favor of cookie checking code in all pages where users are supposed to be logged in. Here's a simple overview of how it worked:
Requests to index page were redirected to an SSL page that had a form for username/password entry. A successful username/password entry caused an entry with a generated session ID to be made in an Oracle database, and a cookie was sent back to the browser with the session ID. Once the username and password were authenticated, the user was redirected back to the "logged in" index page. All pages that required a user to be logged in had a bit of code included at the very top that checked the session ID and verified through the DB that the user was logged in. If the cookie was missing, or the user was not listed in the DB, the user was redirected back to the login page. Not exactly the best of solutions as far as scalability and speed goes, but it might be a good starting point. Guildenstern Negaterd character class uber alles!
In Section
Seekers of Perl Wisdom
|
|