|
Oliver Mellet
oliver at mellet.net
Sun Feb 8 21:47:36 EST 2004
I've got a situation where I need to protect pages, and I'm doing it using cookies and sessions. If the user requests a protected page and he or she hasn't logged in, I redirect them to a psp login page, which then POSTs to a publisher handler script. That script then does req.internal_redirect to the originating url, or back to the login page if the login didn't take. The problem I'm having is twofold: 1. If the login succeeds, then the internal redirect shows up in the location bar as the publisher script url, rather than the proper url of the protected document. It's ugly, but I can live with it if I have to. 2. If the login fails, the internal redirect back to the login page never happens; it seems like there's some sort of deadlock going from : login.psp redirect->POST login.py->internal_redirect login.psp Having said all that, there's probably a better way to skin this particular cat. If anyone has any suggestions, I'd be much obliged. Thanks Oliver
|