Ian, Using cookies is just one way of overcoming the stateless nature of http. The other ways that I know of are to modify the url in some way or to put a hidden field in a form. The latter only works if you're processing forms of course so for general viewing, you need to modify the URL. There are two ways that I have heard about. 1. modify the url to include a session key in the path. To serve html pages you'd need to write a custom content handler to rewrite all your outgoing page links to include the session key. I haven't seen one on CPAN, please let me know if you find one, I could use it too ! 2. authenticate the users and then redirect to a fake host session.www.somecorp.com/page/you/wanted/. Then you use a custom handler at the translation phase to strip the session key and recover the user name from whatever session store you're using. I haven't got beyond cookies myself but these are both avenues I need to explore in the next few months. HTH, Simon Wilcox From "Ian Frawley" <[EMAIL PROTECTED]> Date 17 October 2000 To [EMAIL PROTECTED] Time 19:20 Copy to (bcc: Simon Wilcox/BASE/WilliamsLea) Bcc Simon Wilcox/BASE/WilliamsLea Fax to Subject Remembering Authentication Hi all Is it possible to authenticate a user without having to use the unfriendly login box provided by browsers, without using cookies? I have managed to authenticate a user once through some text fields on a HTML page but unfortunately this does not make the browser remember the user's authentication information. On subsequent requests to the same secure area apache requires that the user enters their credentials again. Is there a way around this? If so any help would be appreciated. Thanks Ian
Hi all
Is it possible to authenticate a user without
having to use the unfriendly login box provided by browsers, without using
cookies?
I have managed to authenticate a user once through
some text fields on a HTML page but unfortunately this does not make the browser
remember the user's authentication information. On subsequent requests
to the same secure area apache requires that the user enters their
credentials again.
Is there a way around this? If so any help would be
appreciated.
Thanks
Ian
|
______________________________________________________________________ This email contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this email, please notify the author by replying to this email. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or reply on this email.