Seumas, I wrote a script a while ago using LDAP for logins, and ran into a similar problem. What I ended up doing was to put a "expired" or "~logged-in" variable if you want to follow
CGI::Session::Cookbook. The code is below, but what you need to do with this implementation is fetch the session, and check for the existance of that session variable, because when the expiration is triggered it disappears. This helps with inactivity expirations, because every time you go to the session on the server, you can just touch that session variable.
if( $authority = verify_password(\@autharray)){
# ldap authentication succeeded at this point
# set session variables and other expiry information
my $session = new CGI::Session( "driver:MySQL", undef, {Handle
+ => $dbh})
;
my $sid = $session->id;
syslog( 'notice', "sid: %s", $sid);
$session->param("~logged-in",1);
$session->param("username",$autharray[0]);
$session->param("org-name",$autharray[2]);
$session->expires("~logged-in", "+15m");
syslog( 'notice',"after session writing") if $debug;
# write cookie information to user browser
my $cookie = $cgi->cookie(CGISESSID =>$session->id);
print $cgi->header(-cookie=>$cookie);
# ...
# other proprietary stuff
}
I hope this helps.
