You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Asaf Klibansky <as...@realcommerce.co.il> on 2000/10/16 11:51:26 UTC
Re: Authentication Nightmare
Why not use a .pm file that will include an athentication module.. i call mine weblogin.pm
in each secure template just add on top something like:
=======================
use weblogin;
weblogin::authenticate();
=======================
this will call the authenticate module to run and if the user failed login it will just display a login screen and exit();
good luck! :)
asaf
----- Original Message -----
From: Ian Frawley
To: modperl@apache.org
Sent: Monday, October 16, 2000 5:41 PM
Subject: Authentication Nightmare
Can anyone help me with this really irritating problem. I have written a cgi script that is fired up from a ErrorDocument 403 that redirects a user to a logon screen if they attempt to enter a secure area. I then have a perl module that authenticates the entered username and password against a table in an Oracle Database through DBI/DBD.
Once I have authenticated the user I need to allow them to view the particular URL the were originally requesting. Getting the URL isn't a problem but redirecting them is.
I have asked this question before and the main advise given was to use the cookie based authentication in the Eagle book but the problem is that this has also got to work for WAP phones......
Ian Frawley
Software Development
Acquist
ifrawley@acquist.co.uk
0161 222 2400
Re: Authentication Nightmare
Posted by Ian Frawley <if...@acquist.co.uk>.
Hi Asaf
I am actually using a .pm file. I call it like this from httpd.conf:
<Location /securearea>
order deny,allow
deny from all
ErrorDocument 403 /cgi-bin/accessdenied.cgi
</Location>
The ErrorDocument then loads a page called logon.html which kicks off my authentication .pm like this
<Files logon.html>
AuthName "Relm"
AuthType Basic
PerlAuthenHandler Auth
require valid-user
</Files>
I know my pm works but I don't know how to redirect to the requested URL
Thank
Ian
----- Original Message -----
From: Asaf Klibansky
To: Ian Frawley ; modperl@apache.org
Sent: Monday, October 16, 2000 4:51 AM
Subject: Re: Authentication Nightmare
Why not use a .pm file that will include an athentication module.. i call mine weblogin.pm
in each secure template just add on top something like:
=======================
use weblogin;
weblogin::authenticate();
=======================
this will call the authenticate module to run and if the user failed login it will just display a login screen and exit();
good luck! :)
asaf
----- Original Message -----
From: Ian Frawley
To: modperl@apache.org
Sent: Monday, October 16, 2000 5:41 PM
Subject: Authentication Nightmare
Can anyone help me with this really irritating problem. I have written a cgi script that is fired up from a ErrorDocument 403 that redirects a user to a logon screen if they attempt to enter a secure area. I then have a perl module that authenticates the entered username and password against a table in an Oracle Database through DBI/DBD.
Once I have authenticated the user I need to allow them to view the particular URL the were originally requesting. Getting the URL isn't a problem but redirecting them is.
I have asked this question before and the main advise given was to use the cookie based authentication in the Eagle book but the problem is that this has also got to work for WAP phones......
Ian Frawley
Software Development
Acquist
ifrawley@acquist.co.uk
0161 222 2400