You are viewing a plain text version of this content. The canonical link for it is here.

Posted to modperl@perl.apache.org by Gabriel C Millerd <gm...@qualhost.com> on 2002/10/17 03:06:13 UTC

AuthCookieDBI Question

     Is there any thinking about there being a security problem or the
potential for one with Apache::AuthCookieDBI's Cookie name of
Apache::AuthCookieDBI_[NAMEHERE] I from time to time look at the cookies
my browsers collect and i have never seen anything simular.

-- 
Gabriel C. Millerd |     I think a relationship is like a shark. It has to
     Script Monkey |     constantly move forward or it dies. Well, what we
                   |      have on our hands here is a dead shark. --Woody
                   |                           Allen

AuthCookieDBI semi working, one more testing question

Posted by George Valpak <gv...@yahoo.com>.

Thanks to everyone for your help so far. I still haven't figured out why it is not working out of the box, but I kluged the BEGIN block that gets executed at server startup time to hardcode the name of the secretkeyfile. All else seems fine in the browser after that. I guess that is how it has to be for now because I have to move on.

My question today is - is there a way to do a command line test of a pretected web page now? With Basic authentication I could use lwp-rget and wget etc, but those return "403 forbidden" now, even when passing the username/pw.

Thanks in advance for any thoughts or comments - 

GV