in reply to Protecting static contents in Apache with perl/mod_perl

The equivalent in mod_perl would probably be a PerlAccessHandler or an Authen/Authz handler. There are extensive docs about this on the mod_perl site, and many examples on CPAN.
  • Comment on Re: Protecting static contents in Apache with perl/mod_perl

Replies are listed 'Best First'.
Re^2: Protecting static contents in Apache with perl/mod_perl
by friedo (Prior) on Aug 20, 2005 at 18:15 UTC
    perrin is right on the money. Here is some code from a PerlAuthenHandler I wrote that uses CGI::Session. (I deleted some of the irrelevant details but this shows how it can be done.) 

    
sub redir_auth {
    my $r = shift;
    $r->status( REDIRECT );
    $r->header_out( Location => '/login.cgi?'  );
    return REDIRECT;
}

sub handler {
    my $r = shift;
    my $apr = Apache::Request->new( $r );
    my $q = CGI->new;

    # let through if we're trying to login
    return OK if $r->uri =~ /login.cgi$/;

    # block if no session cookie or query
    my $asid = $q->cookie( 'asid' ) || $apr->param( 'asid' ) || 0;
    return redir_auth( $r ) unless $asid;

    # if we have a valid session, let the request pass through
    my $session = Alex::Session->new( $q );
    $session->expire('+1h');
    return OK if $session->param( "logged_in" );

    # default
    return redir_auth( $r );
}

    [download]
[reply]
[d/l]

In Section Seekers of Perl Wisdom