Hi
I must apologize ahead of time if some monks deem this content inappropriate. I am new to website authentication and am not sure if I have all my facts straight. My server is running Win2k with Apache2.0, which I do not believe comes with mod_perl. I was looking for alternatives to user authentication. My idea was have a .htaccess + .htpasswd files and then have a regular CGI script pass the user credintials to the protected page like this http://$username:$passwd@$server/$restrictedPage. Is this acceptable for mediocre security? Also, once a user is logged in, is there some ENV var set that says who is logged in, so that my CGI script can deal with that user directly?
Thanks for your help.