------=_NextPart_000_0003_01CB20A1.7200A720
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

My application has certain restriction so only users you are logged in
should have access to. I want to present a login form to users who are not
logged on. Once they have logged in they should only see 'log out' instead.




I am using Apache::Session to manage my cgi sessions, so to achieve this, I
am thinking of sending a token with each page to the user which they will
return to me whenever they request a new page. This means that each time a
page is requested, I will have to test whether the user is authorised (aka
logged in or not) by querying the session data. I am this will consume
resources if I have to do this each time before serving a page. Any better
ideas on how to tackle a situation like this?





Mimi


------=_NextPart_000_0003_01CB20A1.7200A720--

-----Original-Nachricht-----
> Subject: Track user login status
> Date: Sun, 11 Jul 2010 03:33:27 +0200
> From: Mimi Cafe <mimicafe [at] googlemail.com>
> To: <beginners [at] perl.org>


>
> I am using Apache::Session to manage my cgi sessions, so to achieve
> this, I am thinking of sending a token with each page to the user
> which they will return to me whenever they request a new page.
>

Session or Cookie is a general way for this purpose.
Are you programming under mod_perl?
Even under mod_perl CGI::Session is better than Apache::Session from my experience.
Or you could try CGI::Cookie instead.

Regards.

Postfach fast voll? E-Mail Adresse [at] t-online.de sichern und endlich Platz für tausende Mails haben.
http://www.t-online.de/email-kostenlos



--
To unsubscribe, e-mail: beginners-unsubscribe [at] perl.org
For additional commands, e-mail: beginners-help [at] perl.org
http://learn.perl.org/

Yep, I am using mod_perl. I have had a quick look at CGI::Session and it
appears to be the right way forward. Will try it.

Regards

=3D> Session or Cookie is a general way for this purpose.
=3D> Are you programming under mod_perl?
=3D> Even under mod_perl CGI::Session is better than
=3D> Apache::Session from my experience.
=3D> Or you could try CGI::Cookie instead.
=3D>
=3D> Regards.
=3D>
=3D> Postfach fast voll? E-Mail Adresse [at] t-online.de sichern und
=3D> endlich Platz für tausende Mails haben.
=3D> http://www.t-online.de/email-kostenlos


--
To unsubscribe, e-mail: beginners-unsubscribe [at] perl.org
For additional commands, e-mail: beginners-help [at] perl.org
http://learn.perl.org/

On Sat, Jul 10, 2010 at 11:13 PM, Jeff Pang <pangj [at] t-online.de> wrote:
> Session or Cookie is a general way for this purpose.
> Are you programming under mod_perl?
> Even under mod_perl CGI::Session is better than Apache::Session from my experience.
> Or you could try CGI::Cookie instead.

Though a cookie is only half of the problem. You usually want
something server-side that tracks users so that being logged in is
more sophisticated than sending a cookie header. ;) With a server-side
session, the cookie typically just tells you which session the user
belongs to and the session tells you which user is logged in, if any.
The cookie -> session part is typically handled automatically in other
languages (PHP, ASP, ASP.NET). I imagine a CGI implementation will
need to do that itself, though surely the existing CGI modules do that
part for you... I am of course making assumptions, which I should not
do. :\


--
Brandon McCaig <bamccaig [at] gmail.com>
V zrna gur orfg jvgu jung V fnl. Vg qbrfa'g nyjnlf fbhaq gung jnl.
Castopulence Software <http://www.castopulence.org/> <bamccaig [at] castopulence.org>

--
To unsubscribe, e-mail: beginners-unsubscribe [at] perl.org
For additional commands, e-mail: beginners-help [at] perl.org
http://learn.perl.org/

I have decided to use CGI::Session rather than Apache::Session as the former
seems to simplify the session management. For the backend (server-side) user
tracking, I will program the authentication logic in combination with
CGI::Session::Driver::mysql.

Regards

=> -----Original Message-----
=> From: Brandon McCaig [mailto:bamccaig [at] gmail.com]
=> Sent: 15 July 2010 16:18
=> To: Jeff Pang
=> Cc: Mimi Cafe; beginners [at] perl.org
=> Subject: Re: Track user login status
=>
=> On Sat, Jul 10, 2010 at 11:13 PM, Jeff Pang
=> <pangj [at] t-online.de> wrote:
=> > Session or Cookie is a general way for this purpose.
=> > Are you programming under mod_perl?
=> > Even under mod_perl CGI::Session is better than
=> Apache::Session from my experience.
=> > Or you could try CGI::Cookie instead.
=>
=> Though a cookie is only half of the problem. You usually
=> want something server-side that tracks users so that being
=> logged in is more sophisticated than sending a cookie
=> header. ;) With a server-side session, the cookie typically
=> just tells you which session the user belongs to and the
=> session tells you which user is logged in, if any.
=> The cookie -> session part is typically handled
=> automatically in other languages (PHP, ASP, ASP.NET). I
=> imagine a CGI implementation will need to do that itself,
=> though surely the existing CGI modules do that part for
=> you... I am of course making assumptions, which I should not do. :\
=>
=>
=> --
=> Brandon McCaig <bamccaig [at] gmail.com>
=> V zrna gur orfg jvgu jung V fnl. Vg qbrfa'g nyjnlf fbhaq gung jnl.
=> Castopulence Software <http://www.castopulence.org/>
=> <bamccaig [at] castopulence.org>
=>


--
To unsubscribe, e-mail: beginners-unsubscribe [at] perl.org
For additional commands, e-mail: beginners-help [at] perl.org
http://learn.perl.org/