Re: Re: Calling script after htaccess authentification

The site has a combination of public content, static group content and dynamic private content.

The public content is easy, standard stuff.

The static group content will be items such as information, forms, and downloads which is available to any and all approved users.

The dynamic private content is specific to user. These would be reports composed of information specific to the exact user.

The dynamic private content will be served through Perl scripts. This will most likely be controlled by cookiers following a successful login.

I would rather control access to the static group content via htaccess authenticate so that update of the pages does not intermingle with the Perl scripts. This allows a slightly less trained person to do the updates. HTML and FTP knowledge rather than Perl background. i.e. cheaper labor for da boss.

Obviously the easy solution is to have the users login twice. Once when they need access to the group material, and then again when they need access to any private material.

Da boss is annoyed by the double login and I'm trying to find a way around this. Hence the grasping at straws....

Thanks, Claude

Comment on Re: Re: Calling script after htaccess authentification

Replies are listed 'Best First'.
Re: Re: Re: Calling script after htaccess authentification by dws (Chancellor) on Jul 30, 2002 at 19:25 UTC
The site has a combination of public content, static group content and dynamic private content. I have a site like this. The scripts that generate dynamic content require an appropriate login cookie, and the data that they use is kept in a folder that is not visible to the web server. No apache authentication is required. Works fine, though it does mean that I have to do downloads via a CGI script, instead of letting the web server handle the details. I would rather control access to the static group content via htaccess authenticate so that update of the pages does not intermingle with the Perl scripts. So keep the perl scripts in a separate directory? I'm still not seeing why you need .htaccess control.	[reply]
Re: Re: Re: Re: Calling script after htaccess authentification by Xxaxx (Monk) on Jul 30, 2002 at 20:32 UTC
though it does mean that I have to do downloads via a CGI script, instead of letting the web server handle the details. It is less than satisfying to pass all of the content through a script. It just seems like extra overhead. Apache is optimized for shoveling pages to browsers. Putting the Perl script in the middle seems like extra overhead. Maybe this is just my old 8088 conservatism. Trying to eliminate all extra processes. Claude	[reply]
Re: Re: Re: Re: Re: Calling script after htaccess authentification by dws (Chancellor) on Jul 30, 2002 at 22:08 UTC
It is less than satisfying to pass all of the content through a script. It just seems like extra overhead. It's extra overhead, but unless downloads are very frequent occurances, so what? The benefit you gain from this scheme is that you don't need to use two login schemes.	[reply]