Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Re: site access: Apache Basic auth vs. CGI::Session and cookies

by rodion (Chaplain)
on Apr 10, 2007 at 07:27 UTC ( #609085=note: print w/replies, xml ) Need Help??


in reply to site access: Apache Basic auth vs. CGI::Session and cookies

Where I work, we use cookies; each Perl CGI program in the suite checks the cookie as its first responsibility, using code from a common in-house module. We do this because:
  • We need logout (as varian described).
  • We need auto-logout. The cookie contains a time-stamp, and each new screen (in the group of Perl CGI that has access to restricted information) checks that the time-stamp is within the last 5 minutes, then refreshes the timestamp.
  • Parts of our system are on multiple servers, and we need login to work across them.
  • Different users have permission to change different things. Some can just see the page, others can enter information, still others are allowed to sign and finalize a report. The cookie contains the permissions that indicated who can do what. (We only do this for browsers on trusted machines, inside our firewall and at specific IP addresses.)
      • Comment on Re: site access: Apache Basic auth vs. CGI::Session and cookies

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://609085]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (3)
As of 2021-09-20 08:09 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?