Hi All,I'm in the process of trying to get this PerlTransHandler which does a redirect back to the handler in such a way that once they log in, instead of "/handler/" being the URI, it becomes "/handler/username". I'm able to get a simple version of this, just for proof of concept, that takes input from a form value called "op", and redirects "/handlername/" to "/handlername/edit" for instance, if "op" is equal to "edit". That works. So, the next step is to get the username, but _only_ if the user is logged in.
Currently, I have the main application handler do authentication simply by checking username and password to the database (md5 hex of the password) and if it matches, set a session cookie, which for every subsequent operation is checked, and if set, the user is seen as logged in.
My PerlTransHandler that I wrote runs much earlier than the primary application handler, and I then though "should this handle the authentication", then reading even further, should I move authentication to a PerlAuthenHandler (?). I would still want to use my login page (not the login dialogue you obtain using .htpassword). Having not coded mod_perl apps in a while, but remember somewhere that this is pretty easy to do, I'm wondering if this is indeed a good idea.
Any thoughts, suggestions on how I should implement this? Any links to info on how to do this (other than what I've found via google) would be appreciated this.
Also, another question. I am coding this so it will work on a number of apache/mod_perl versions, which includes allowing it to run using CGI, which I've found using PerlTransHandler requires me to set
PerlOptions +GlobalRequest to my httpd-perl.conf. What are the repercussions for using this setting? Thanks in advance! Patrick --Patrick Galbraith, Senior Systems Engineer MySQL AB, www.mysql.com
Satyam Eva Jayate - Truth Alone Triumphs Mundaka Upanishad
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.