Re: Authentication using https

[prev] [thread] [next] [Date index for 2004/11/10]

> All,
> 
> I'm about to replace the authentication mechanism that
> our web site uses. However I wanted to sanity check my
> thought process. 
> 
> Is it possible to have an Authen handler sitting on
> certain areas of a site, and if a user isn't logged in
> (i.e. doesn't have an auth session cookie) we present
> them with a form. (I can do this, but the next bit is
> new to me). Then when they send their details, i.e.
> username and password, they go over an SSL connection,
> which provided they are correct, then shows the page
> the user originally wanted? 
> 
> Basically I have a mechanism working that does this
> without the SSL, but can I update it to use an SSL
> connection for the login form submit?
> 
> Marty
> 

see Apache-AuthCookie

I believe everything you want is implemented in this package

        -- 
        Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html