It is the same problem, because the problem as stated didn't ask for which keystrokes to type but asked about the algorithm. The algorithm (as opposed to the implementation, of which 0% appeared in your question) remains the same, regardless of the language used to generate the HTML.

You are right that HTTP authentication doesn't expand to session data management. Nor does it make coffee. However, your stated problem was "how to keep curious employees from entering data". And while creating sessions is one way of solving it, it doesn't mean you need sessions at all to solve your problem. If, besides keeping curious employees from entering data, you do need sessions, you should have asked about how to make sessions - and not mentioned the curious employees at all. After all, after solving the session problem, the curious employees have been taken care of.

Not using any expiration time would allow the possibility - admittedly remote - of reuse (by regeneration) of the session key.

But that's why you use HTTP level authentication....

Of course, if someone goes to the trouble of trying to regenerate a session key, would you still classify them as "curious employees stumbling upon the site entering data by accident"? *I* would classify them as "malicious hackers" (or "crackers" for slashdot types).

-- Abigail


In reply to Re: CGI Session 'security' for in-house app. by Abigail
in thread CGI Session 'security' for in-house app. by mikeB
