Download the module from here: http://mod_perl.home.att.net
I used Apache::AuthCookie for a long time until Netscape 6.2 came out. AuthCookie caches the login screen as the first redirecting URL even when the user successfully logs in. I then tried to make some changes in the module, and to add extra features... Finally, there seemed too many changes and the cookie control wheel, Apache::AccessCookie, is reinvented. This module is especially clean, having less than 120 lines of code. Yet, it contains almost all the features you may find in the Eagle book and Apache::AuthCookie. It follows the idea in the Eagle book to implement the control as an Access Handler only. If one needs group Authorization, one may still need AuthCookie. Some extra features are: 1) it checks if browser accepts cookie AT THE FIRST PLACE. 2) it separates the mod_perl code from the HTML login form and error reports by a HTML::Template file which webmasters can design separately to fit to their own graphic styles. The error reports include: a) ERROR_COOKIE: the browser did not accept cookies b) NO_TICKET: sign-in please c) BAD_LOGIN: user or password wrong d) BLOCK_ACCESS: more than 'max' failed trials in a day and the ip is blocked 3) optionally, it can block further authentication if one fails too many time. In addition, a 30-day hidden cookie is introduced, so a valid user can actually try unlimited times if he has a successful login within the last 30 days (he won't go crazy for the intolerance :-) plus the following standard ticketing features: 4) it is a ticket system: a group of machines can be authenticated by the same ticket providing they are under the same top domain name. 5) it is more secure than the Basic Authentication since web visitor's password is transferred only once onto the ticket master machine. 6) if authenticated against a database, the ticket system is usually fast because the verification procedure does not need database connection. 7) it "simulates" the Basic Authentication, i.e. you get username in the log file and in the later Apache phases via $r->connection->user() NOTE: this is the first public release of the module. Anyway, it runs well on our machines. Suggestions and bug reports are very welcome. Please send them to [EMAIL PROTECTED] Peter Bi Greetingland, LLC [EMAIL PROTECTED]
