Brian Reichert wrote: > > <Location /formscript/login> > PerlSetVar FormScriptSecure 1 > AuthType Apache::AuthTicket > ... > </Location> > > But, in each case, my login program is server in the clear. What am I > missing?
THe authnameSecure setting only affects the cookie. If you want to forbid access to the login form from non-ssl, there are verious ways to do that. One way would be to add "SSLRequireSSL" that block (assuming your using mod_ssl). Regards, Mike
