If you can use mod_perl, then try with
Apache::AuthCookie; module's documentation
is very clear about its benefits, it says:
- The client doesn't *have* to pass the user credentials
on every subsequent access. If you're using passwords,
this means that the password can be sent on the first
request only, and subsequent requests don't need to
send this (potentially sensitive) information. This
is known as "ticket-based" authentication.
- When you determine that the client should stop using
the credentials/session key, the server can tell the
client to delete the cookie. Letting users "log out"
is a notoriously impossible-to-solve problem of
- AuthBasic dialog boxes are ugly. You can design your
own HTML login forms when you use AuthCookie.
I found it quite interesting :) But this solves only
half of your problem: you need also session management,
right? Apache::Session could be an answer, but
you may need to put some glue between these two modules.