I'm having trouble getting a CGI::Application::Session cookie to be persistent. In other words, once the browser is closed the cookie is lost.

If you don't specify an expiration date, the cookie will be lost once all the windows of that browser is closed.

... Which is understandable because that's how cookies work, but I want to create one that is persistent and is used later if the user wants Automated logins.

You don't need to manually compare the cookie. The CGI::Session does it for you.

Ok, I was hoping that comparing the cookie was probably taken care of within CGI ...

But you do have to propagate the session id from request to request, otherwise the application has no way of knowing which/who/what to look for.

In the readme of CGI::Application::Session, it states that the first time that $self->session is accessed it "add(s) a cookie to the outgoing headers containing the session ID". It is in the section right under the session_cookie description. Doesn't this mean that I don't have to propagate that information if between HTML::Template and CGI::Application the cookie propagation is being handled in the header once I call $self->session?

Therefore, if CGI::Session handles the comparison, and if CGI::Application::Session handles propogation, and if all I need to do is add a expiration date to the cookie, why doesn't my second code snippet work for handling automated logins between browser opens/closes?

my $self = shift;

my $q = $self->query();
my $sid = $q->cookie("CGISESSID") || undef;
$self->session_config
(
   CGI_SESSION_OPTIONS => [ "driver:File", $q, {Directory=>'/tmp'} ],

   COOKIE_PARAMS       => {
                                   -expires => '+1M',
                                   -secure  => 1,
                                 },
          SEND_COOKIE         => 1,
   );

my $session = $self->session;
[download]

Comment on Re^2: CGI::Application::Session Cookies confusion Download Code