I'm trying to allow users to authenticate against an IMAP server, and if they succeed establish a stateful web session via CGI::Session. Right now I'm using the following code. It seems to work. I have limited experience with CGI::Session. Is this the correct usage?

use CGI;
use CGI::Session;

my $www  = CGI->new();
my $session = CGI::Session->new(
    undef, $www, {Directory=>'/tmp'}
);   

my $imap = Net::IMAP::Simple->new('localhost');
if ($imap->login($www->param("log_username"), $www->param("log_passwor
+d"))){
    $session->_loggedIn(1);
}
[download]