You can use Apache::Session (even under CGI) for this. Have a look at the documentation and see if it fits your needs. Another positive reason for rolling your own authentication routine is so you can log users out, something which can't be done with basic auth.

Steve.