Re: mod_captcha

Sat, 05 Jul 2008 14:37:39 -0700 

Perrin Harkins wrote:

On Wed, Jun 25, 2008 at 8:19 PM, Aaron Collins <[EMAIL PROTECTED]> wrote:

 I'm trying to write a perl based mod_captcha using the recaptcha service, I
was wondering is someone could tell me which handler I should use that would
allow me to have mod_perl intercept a request going to a specific location
and if it i return true continue with the request.  In my case I use
ProxyPass to pass request to java.  So I'd want to have my handler jump in
give a captcha and when the captcha is approved continue forwarding it on to
the proxypass.  If my understanding of mod_perl is incorrect please let me
know if their is a better logic to approach this.


You can't do all that within a single HTTP request.  What you need to
do is check if the person is authorized already (usually through a
cookie), and if not, redirect them to your captcha application.  When
they pass the captcha, you give them a cookie that identifies them,
and that cookie allows them in to the protected area.

Rather than write this all yourself, I suggest you subclass Apache::AuthTicket.

- Perrin



  

Hey Perrin,
 Thanks for you recommendation on the mod_captcha idea.
I completed my module and it came out great.  I've got an example
running at   http://sandbox.ehawaii.gov/lilo I'm pushing this up to CPAN
soon, until then if anyone would like a copy of this project let me
know. It has template support so you give it your own sites look and feel.

After you do a captcha it assigns you a cookie that last for 15 minutes
(you can go longer or shorter).  So you can use the site over and over
or any other app on the site for that matter until the cookie expires
and you must complete another captcha.

--
-Aaron Collins
Systems Engineer/ Release Engineer
Hawaii Information Consortium
220 S. King St. Suite 2190
Honolulu, Hawaii 96813
Cell: 808.203.8756
Office: 808.587.4213

************************************************************
CONFIDENTIALITY NOTICE:
This email and any attachments are confidential.  If you
are not the intended recipient, you do not have permission
to disclose, copy, distribute, or open any attachments.  If
you have received this email in error, please notify us
immediately by returning it to the sender and delete this
copy from your system.
************************************************************
























					Reply via email to