On Fri, Nov 23, 2001 at 04:09:45PM +1100, simran wrote: > What i want is: > > * To be able to give the user a reson if login fails > - eg reason: * "No such username" > * "Your password was incorrect" On Thu, Nov 22, 2001 at 09:26:17PM -0800, clayton wrote: > here is the meat of the matter > send something like this to the $r->subprocess_env > $r->subprocess_env('AuthCookieReason2', 'username invalid!');
yeah, but it depends when and where you do that. I found that if I set subprocess_env in the AuthCookieHandler->authen_cred method, which is where the login credentials get checked, it wasn't visible to the login script - this is because a redirect takes place in between, so a whole new request is started. So I had actually been doing something really dodgy to catch invalid logins, but your mention of setting another cookie gave me the idea of using the session key of the authcookie itself. If you set this to something like 'InvalidLogin' in authen_cred, you can then check for this and set the reason via $r->subprocess_env in AuthCookieHandler->authen_ses_key, before AuthCookie->authenticate wipes the cookie out. Not extensively tested, but seems to work so far :) -carolyn