You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Malka Cymbalista <Ma...@weizmann.ac.il> on 2007/01/08 14:00:41 UTC
saving userid
I am running Apache 2.0.55 with mod_perl 2.0.1 and Perl 5.8.1 on a Sun
Solaris machine. I am writing a perl script that requires the user to
log in with a userid and password in order to access the pages the
script creates. We plan on using standard http authentication. Once the
user logs in, is there a way to save the userid and check it to make
sure that the user who is now working is the same user who logged in?
The problem is that users will be entering data and a user can only
change the data he has entered.
Thanks for any help.
Malka Cymbalista
Webmaster, Weizmann Institute of Science
malki.cymbalista@weizmann.ac.il
08-934-3036
Re: saving userid
Posted by Perrin Harkins <pe...@elem.com>.
Malka Cymbalista wrote:
> We plan on using standard http authentication. Once the
> user logs in, is there a way to save the userid and check it to make
> sure that the user who is now working is the same user who logged in?
You're trying to make sure that users don't switch to logging in as
someone else part-way through some work? They still have to provide a
username and password on every request with basic auth, so I don't think
it will really matter. If you really want to, keep the original
username in a cookie or a cookie-based session. You will have to
provide some form of logout if you do this though, which is not usually
done with basic auth.
- Perrin
Re: saving userid
Posted by Sean Davis <sd...@mail.nih.gov>.
On Monday 08 January 2007 08:00, Malka Cymbalista wrote:
> I am running Apache 2.0.55 with mod_perl 2.0.1 and Perl 5.8.1 on a Sun
> Solaris machine. I am writing a perl script that requires the user to
> log in with a userid and password in order to access the pages the
> script creates. We plan on using standard http authentication. Once the
> user logs in, is there a way to save the userid and check it to make
> sure that the user who is now working is the same user who logged in?
> The problem is that users will be entering data and a user can only
> change the data he has entered.
You might want to look here for some ideas:
http://perl.apache.org/docs/1.0/guide/security.html
This is from the mod_perl 1 docs, but I don't think things have changed much.
Sean