perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tracy12 <j_lal...@yahoo.com>
Subject Re: Session Handling/Set Session attributes
Date Thu, 18 Jan 2007 00:53:10 GMT

Apache::AuthCAS module on CPAN does not support OPEN SSL also it creates
database tables to store data, we tried it on Apache 2.2 with mod_perl 2.0
it failed. We need only a serviceValidate from CAS not other functions.


mod_cas looks ok but does not supports Apache 2.2


We have almost finish our authentication module, infact it works, But only
thing is we are working on how to cache things as I am dealing wiht the
forum. If we know how to resolve this subsequent requests without doing the
Authentication logic all over we are done.

Thanks


Perrin Harkins wrote:
> 
> On Wed, 2007-01-17 at 14:50 -0800, Tracy12 wrote:
>> What about the security measures if we store authenticated user
>> information
>> in a cookie,
>> 
>> Cant we handle in the server session and and store it as a session
>> variable.
>> This would be much secure?
> 
> Have you looked at the Apache::AuthCAS module on CPAN?
> http://search.cpan.org/dist/Apache-AuthCAS/
> 
> It seems to already support the use of session cookies.
> 
> The various mod_cas modules that Google turns up also seem to support
> local caching of some kind.  I don't mean to discourage you from writing
> your own if you want to learn mod_perl, but if you just want to get
> something working, using those might be faster.
> 
> Regarding your earlier question about using basic auth with something
> like mod_cas, you can configure your 401 ErrorDocument to be a mod_perl
> handler which redirects to anything you want.  So, I believe you could
> use mod_cas if you choose to.
> 
> - Perrin
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Session-Handling-Set-Session-attributes-tf3030824.html#a8422921
Sent from the mod_perl - General mailing list archive at Nabble.com.


Mime
View raw message