name: Jeff Younker email address: [EMAIL PROTECTED] web page: http://www.theblobshop.com desired username: JEFF most immediate submission: A module which encapsulates the dirty parts of authentication verification for CGI scripts. It is a generalization of something which Luke Sheneman at inktomi cooked up. It uses an LDAP server for authentication and stores the intermediate state information in an SQL database. Initial authentication is performed against LDAP servers, and credentials are stored into the SQL database upon successful verification. The credentials are then stuffed into a cookie and a "passkey" (stored in a hidden field) which are then used for authentication of subsequent pages. The injection and extraction of the cookie and passkey are handled by a wrapper around CGI.pm, and there are a variety of options for determining credential lifetimes and usage policies. The current version requires perldap, but it will be fairly easy to generalize it for Net::LDAP and other authentication sources. It will take a little rework, but it should fairly simple to include a file backed as an option for credential storage (instead of using SQL). -jeff
