Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

(Guildenstern) Re: Re: Answer: How to cause Apache's .htaccess file to run a Perl script

by Guildenstern (Deacon)
on Mar 12, 2001 at 19:56 UTC ( #63822=note: print w/replies, xml ) Need Help??


in reply to Re: Answer: How to cause Apache's .htaccess file to run a Perl script
in thread How to cause Apache's .htaccess file to run a Perl script

That's a combination that may be hard to work with. The last project that I used authentication and Apache together initially used .htaccess files, but we scrapped that in favor of cookie checking code in all pages where users are supposed to be logged in. Here's a simple overview of how it worked:

Requests to index page were redirected to an SSL page that had a form for username/password entry. A successful username/password entry caused an entry with a generated session ID to be made in an Oracle database, and a cookie was sent back to the browser with the session ID. Once the username and password were authenticated, the user was redirected back to the "logged in" index page. All pages that required a user to be logged in had a bit of code included at the very top that checked the session ID and verified through the DB that the user was logged in. If the cookie was missing, or the user was not listed in the DB, the user was redirected back to the login page.
Not exactly the best of solutions as far as scalability and speed goes, but it might be a good starting point.

Guildenstern
Negaterd character class uber alles!
  • Comment on (Guildenstern) Re: Re: Answer: How to cause Apache's .htaccess file to run a Perl script

Replies are listed 'Best First'.
Re: (Guildenstern) Re: Re: Answer: How to cause Apache's .htaccess file to run a Perl script
by tame1 (Pilgrim) on Mar 12, 2001 at 20:02 UTC
    Hmm...that sounds feasible, especially since I also run ColdFusion, which means that I can place an Application.cfm file at the top of each directory with the required test, etc. The CF engine will cause the Application.cfm file to be run before any other file each and every time any file in that directory is accessed, so with a cookie test in it, which redirects to the password server if the cookie test fails (the link to the pass server has the return address embedded in it),it might actually work.

    Maybe I can make this work after all :-)

    What does this little button do . .<Click>; "USER HAS SIGNED OFF FOR THE DAY"

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://63822]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (6)
As of 2020-10-20 08:06 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My favourite web site is:












    Results (209 votes). Check out past polls.

    Notices?