> > I am trying to implement a database driven solution for a small university > website (300+ users) and quite happy with Authentication and Authorization > packages provided by mod_perl. However, there doesn't seems to be a solution > to dynamically protect a directory without restarting Apache. > > What I will like to do: > Store the URI <Directory> need to be protected in the database with the > permitted Groups. > You can do that by changing the user portion of that authenticates the credentials and returns the session key. Place the allowed directories in the encrypted key. In the auth- session key portion you can check all kinds of things like the allowed path, session expiration, specific files you want disallowed in various directories, etc...