Your second idea is the one to go for. Whether or not the URL is handled by Perl or is a static page or even by something else, it doesn't matter to the Auth(z|en) handler, just the cookie and/or the URL as entered by the user is all you need.

A large site I'm working on allows anyone, registered or not, to view any page. However, if you're logged in you see potentially different content, and even further, depending on the level of access granted the content will be even further tailored.

All handled through the magic that is mod_perl and HTML::Mason.

There's definitely no call for constantly re-starting a mod_perl enabled Apache webserver just because you've added a new directory dynamically. All you need to do is build a small form for an administrator to set paths/access levels, store it in a database for use within your Auth handlers.

---

---

• Are you posting in the right place? Check out Where do I post X? to know for sure.
• Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:

  <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>

• Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
• Want more info? How to link or How to display code and escape characters are good places to start.