You can do it but it is a bit of a hack. First you need to know you can login to a password protected dir using the syntax:
http://username:password@domain.com/protected/
If you have a form with params 'username' and 'password' submit to this script:
#!/usr/bin/perl
use CGI;
my $url = 'domain.com/protected/redir.htm';
my $q = CGI->new();
my $login_url = sprintf "http://%s:%s\@$url",
$q->param('username'), $q->param('password');
print $q->header;
print <<HTML;
<head>
<title>Logging in.....</title>
<meta http-equiv="refresh" content="0; url=$login_url">
<script>window.location='$login_url'</script>
</head>
HTML
then the submitted username and password will be crafted into the necessary URL and automatically submitted by the browser (we can't just use a standard redirect as the browser has to be in on it). The net result is that the user will be logged in (if the supplied credentials are valid). The only problem with this is that now username:pass will be visible in the URL in the Address bar. You can cure that by pointing the login url redirect to a secondary redirect page (redir.htm in the example). Here you can redirect anywhere in the protected area, but as the user is now logged in we don't need the username:password@ part anymore.
<head>
<title>Redirecting.....</title>
<meta http-equiv="refresh" content="0; url=http://domain.com/protected
+/wherever.htm">
<script>window.location='http://domain.com/protected/wherever.htm</scr
+ipt>
</head>
|