First of all, (I may catch some flack for saying this on this list) using PHP can be an option--you can combine PHP and perl in a web application; the browser won't know the difference. There's something to be said for writing in the language you are most familiar with, particularly for security applications. That being said, it is not a difficult thing to do at all with perl. A CPAN search on Authen brings up lots of modules, so you don't even have to write it from scratch. http://search.cpan.org/search?mode=module&query=authen One promising one looks like Apache::AuthenDBI, which uses mod_perl (an apache module that gives apache a persistent Perl interpreter for speed of execution, just like the mod_php that is required for PHP) and the DBI module for communicating with databases. Good luck. -- Mark Thomas [EMAIL PROTECTED] Sr. Internet Architect User Technology Associates, Inc. $_=q;KvtuyboopuifeyQQfeemyibdlfee;; y.e.s. ;y+B-x+A-w+s; ;y;y; ;;print;; > -----Original Message----- > From: Bill Platt [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, September 19, 2001 5:39 PM > To: [EMAIL PROTECTED] > Subject: [Perl-unix-users] Password Security > > > Hello Everyone, > > We supposed that we could enhance security to our server by > setting up our own password system, pulling passwords from > our Mysql db as opposed to relying on .htaccess. Since our > system will span over a couple of domains and permit access > to dozens of folders, we need a system that is congenial > to the multiple concept. The thought of having 2 dozen > .htaccess files with thousands of passwords in each is a > nightmarish proposal. > > While I am a newbie in perl, my co-programmer is experienced > in perl but does not know how to accomplish this in perl. > He says he knows precisely how to do it in PHP, but our system > has been built in perl. > > We need to do two things. We need to be able to trigger the > Username/Password box in the cgi directory with a cgi file, > and we need to know what variables to use to retrieve this > information from the box. We need this information for > comparison with the passwords in our database. > > I have been able to trigger the box with the .htaccess file, > but we are trying to escape the .htaccess method. > > > Any advice you can offer would be greatly appreciated, even > if it is only a link. I have so far examined over three > dozen pages without finding what we are looking for. > > > Thanks, > > Bill Platt > _______________________________________________ > Perl-Unix-Users mailing list. To unsubscribe go to > http://listserv.ActiveState.com/mailman/subscribe/perl-unix-users > _______________________________________________ Perl-Unix-Users mailing list. To unsubscribe go to http://listserv.ActiveState.com/mailman/subscribe/perl-unix-users
