perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From _spitFIRE <>
Subject Re: asynchronous perl authentication!?
Date Thu, 07 Jun 2007 14:52:29 GMT

Hi Adam,
  You are perfectly right. However, I'm in dire need of a Ajax style login.
Do you have any clue on how to go about implementing the sytem?

Adam Tistler wrote:
> Even if you use AJAX, the page will still refresh because the AuthCookie
> module's authentication method redirect's you back to the login page so
> that the session cookie can be checked.  You might be able to get around
> that by overloading the authentication method using a subrequest instead
> of a redirect, although I am not entirely sure that will work.

  You say something about overloading the authentication method? Does that
mean I've to overload the "login" method? Is that a standard way? 

  It would help me a lot if you can tell me how to send an XML back if in
case the login fails. What I mean is the following.

  sub authen_cred {

    # this is the first time user is logging in
    my $allow = check_user_credentials(...);

    if $allow {
       # generate cookie that is checked subsequently my auth_sess_cookie
    } else {
        # return a XML with http status set to HTTP_FORBIDDEN


  Is that understandable? How do I implement the else part? If I simply say
something like... 

  HTTP_FORBIDDEN unless check_user_credentials(...)

  I see that the browser simply displays "404" on the screen. I thought that
this implies that I can break the authen_cred -> auth_sess_key flow, if in
case I can return an XML and further using AJAX, can display a error message
when login fails. Let me know, if there is something that I'm overlooking
currently! Finally, what about the method 'custom_errors'; would that help?

View this message in context:
Sent from the mod_perl - General mailing list archive at

View raw message