What i meant was without any other web serving software on the box, i.e apache, extra module which aren't installed on gameserver boxes normally.

Ok with CGI::Sessions i couldn't get the to recognise individual users, they jsut kept me logged in. So i tried the ip loggin method but this doens't work for AOL users i believe.

I simply couldn't work out how to do the HTTP authentication method.

Cookies and other standard HTTP methods should work fine if i understood them enough to code them into my server, the web server was written by me and is very basic, making use of as few modules as possible, the idea being to keep the software as small as possible and to require the minimum of extras to run it.

I think the main problem here is i don't understand enough about using sessions in perl either with CGI ro without, and i can't find any useful help on the web.

Harry

If so, you may want to look at Digest access authentication which works in a similar manner, but is much more secure. It is supported by most modern browsers, (although you need to workaround a bug in IE when using query strings).

I'm not sure if there is a ready-made module for doing this, but you can certainly repurpose one of Digest modules.

clint

What about CGI::Sessions isn't helping? It's not really about authentication. You'd have to think of some way to handle the login. Then you'd store some kind of $is_authenticated token in the session to show they've identified themselves.

If you want to use some relatively dependable authentication mechanisms but you don't want to write something locally, I'd suggest trying Authen::Bitcard. It is the simplest of the single sign on tech that I've tried. All the hard work is done for you. Once they authenticate just store that in the session and you're done.

I am particularly fond of this session setup:
my $ses = new CGI::Session('driver:DB_File;serializer:storable', $cgi);

There may be some security concerns, depending on where you store your flat file, but DB_File (aka Berkely DB) is really nice.