Hi
Having just finished a project using it, I can whole heartedly recommend Apache::AuthCookie, which can protect whole directories, just like AuthBasic
It's also got the advantage of allowing users to logout, unlike authbasic.
Note: I have no experience with Mason, but you will need mod_perl with StackedHandlers, MethodHandlers, Authen, and Authz compiled in.
On another note, you may wish to try typing session or authenticate in the search box.
hope this helps
davis
Is this going out live?
No, Homer, very few cartoons are broadcast live - it's a terrible strain on the animator's wrist
| [reply] |
The way I implemented this in Mason is to have a perl block at the top of my autohandler that redirects the user to the login page if he is not valid. The login page has code that redirects the user to the main page if he is already logged in.
I use session variables to store login status so I don't need to pass any information around.
Because it is in the autohandler, I don't have to code the security for individual pages, plus if someone bookmarks a page deep in the system, he can't use it to get around security.
-pete
"I am Jack's utter lack of disbelief" | [reply] |