Instead of using form based authentication I was thinking to use http digest authentication using mod_auth_digest
The problem is how to maintain state between requests.
Let's say that after the user authenticates, accesses a form, fills it and submits it to a CGI script which process it and he is next presented with a new form.
Problem is how to maintain the state between form 1 and 2 ?
a) Using digest auth the credentials are re-submitted on each request so this can be considered as session state keeping. The REMOTE_USER env variable is also set as an identifier;should it be used as an identifying key and store session details in the database using it ? Could work, but how would the server know that the user logged out so it invalidates the session, because digest offers no standard way to log out
b) Mixed mode possible? Can session management be delegated to cookies while authentication taken care of by digest?
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
Outside of code tags, you may need to use entities for some characters:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.
| & || & |
| < || < |
| > || > |
| [ || [ |
| ] || ] ||