, or an image? It can't be done cleanly. But with
Authentication handlers, you can hook them to a Location or Directory
directive or even a Files directive in the httpd.conf file. So you can
protect an entire directory with ease.
Cheers,
Cees
Cees Hek wrote:
[chomp]
Thanks Cees, that's exactly what I needed :) My stuff is all completely
generated by scripts where I need access control, but I certainly
see the use for controlling static entity access.
Carl
Forgive me for asking yet another fundamentally basic question.
I'm cutting a web app over from PHP to mod_perl 2, and
am wondering how 'best' (for which there are many flavours ...)
to handle authentication.
At present I've knocked up a site that does auth via a
form and state tracking with
On Mon, 5 Mar 2001, Daryl Campbell wrote:
Cees suggestion seems to unlock part of the browser behaviour puzzle
that we are trying to solve to meet the following requirements for a
PerlAuthenHandler:
*URL based session handling if cookies not enabled,
*LDAP authentication,
*Force
From: Erdmut Pfeifer [EMAIL PROTECTED]
Subject: Re: Authentication handlers
On Mon, Mar 05, 2001 at 10:28:15AM +1100, Sisyphus wrote:
- Original Message -
From: Pierre Phaneuf [EMAIL PROTECTED]
To: modperl [EMAIL PROTECTED]
Sent: Monday, March 05, 2001 9:29 AM
Subject: Re
On Sat, 3 Mar 2001, Kiran Kumar.M wrote:
hi , i'm using mod_perl authentication handler, where the user's
credentials are checked against a database and in the database i have
a flag which tells the login status (y|n), but aftr the user logs out
the status is changed to n , my problem is
Cees Hek wrote:
So instead of storing a y/n in the database, store a unique string that is
used as the realm, and clear it when they log out. Now everytime you send
the Authenitication required header, send the unique realm for this user
that you stored in the database, and if it doesn't
- Original Message -
From: Pierre Phaneuf [EMAIL PROTECTED]
To: modperl [EMAIL PROTECTED]
Sent: Monday, March 05, 2001 9:29 AM
Subject: Re: Authentication handlers
Cees Hek wrote:
So instead of storing a y/n in the database, store a unique string that
is
used as the realm
On Sun, 4 Mar 2001, Pierre Phaneuf wrote:
Good one! The only bad thing I see is that the realm is visible in the
dialog box the user see, isn't it? Seeing a random string might be a bit
unsettling for the user, but there is no technical reason for it not to
work.
Well, since the only
On Mon, Mar 05, 2001 at 10:28:15AM +1100, Sisyphus wrote:
- Original Message -
From: Pierre Phaneuf [EMAIL PROTECTED]
To: modperl [EMAIL PROTECTED]
Sent: Monday, March 05, 2001 9:29 AM
Subject: Re: Authentication handlers
Cees Hek wrote:
So instead of storing a y/n
"Paul J. Lucas" wrote:
Is there any means of removing the username and password from the browsers
cache.
$r-nocache(1);
No, I think he's talking about the "basic" authentication information,
that browsers keep in memory until they are stopped.
I think that if you give them an
At 12:58 PM 03/03/01 +0530, Kiran Kumar.M wrote:
hi ,
i'm using mod_perl authentication handler, where the user's credentials are checked against a database and in the database i have a flag which tells the login status (y|n), but aftr the user logs out the status is changed to n , my
Bill Moseley wrote:
i'm using mod_perl authentication handler, where the user's
credentials are checked against a database and in the database i
have a flag which tells the login status (y|n), but aftr the user
logs out the status is changed to n , my problem is that after
logging out
On Sat, 3 Mar 2001, Pierre Phaneuf wrote:
"Paul J. Lucas" wrote:
Is there any means of removing the username and password from the browsers
cache.
$r-nocache(1);
No, I think he's talking about the "basic" authentication information,
that browsers keep in memory until
At 10:11 AM 03/03/01 -0500, Pierre Phaneuf wrote:
The problem here is that the first basic authentication is not any
different from the next ones, so if he marks the user as logged out,
going to an page requiring authentication will simply mark the user as
logged in.
That's what I was assuming.
hi ,
i'm using mod_perl authentication handler, where
the user's credentials are checked against a database and in the database
i have a flag which tells the login status (y|n), but aftr the user logs out
the status is changed to n , my problem is that after logging out if the
user goes
On Sat, 3 Mar 2001, Kiran Kumar.M wrote:
Is there any means of removing the username and password from the browsers
cache.
$r-nocache(1);
- Paul
17 matches
Mail list logo