On Thu, Jul 17, 2003 at 06:07:48PM -0700, Jason Fong wrote: > I'm making a login system that uses a web form instead of the browser's > popup box to input the username/password. My problem is that when I use > my authentication script as a PerlAuthenHandler in the .htaccess, it > insists on having the browser show the popup username/password box.
Well, that's not really a problem--it's how a PerlAuthenHandler, or any Apache-based authentication handler, is supposed to work. If you're using a web form to authenticate users, you don't need Apache or mod_perl to also authenticate. > My guess is that using the PerlAuthenHandler automatically sends a > AUTH_REQUIRED to the browser so that the login box appears. The whole point of PerlAuthenHandler is to ask the client to send a specific HTTP request to the server, which the client usually does by prompting the user. So your guess is a pretty good one. > I found a solution to this by changing the PerlAuthenHandler to a > PerlAccessHandler. Is this the correct way to avoid the login box? Or > is there a way for a PerlAuthenHandler to not popup a login box? Depending on what you're trying to do, the correct way to avoid the login box is to omit the PerlAuthenHandler and the PerlAccessHandler, but without any specifics on what you're trying to do all anyone can do is guess. --keith -- [EMAIL PROTECTED] alt.os.linux.slackware FAQ: http://wombat.san-francisco.ca.us/cgi-bin/fom
