]OT] http-authorization:

Les Mikesell lesmikesell at gmail.com
Fri Dec 2 13:57:23 UTC 2005

On Fri, 2005-12-02 at 02:11, Tim wrote:
> On Thu, 2005-12-01 at 11:35 -0800, Don Russell wrote:
> > As long as requests go through a cgi, I can check the cookie... but
> > what if it's just a plain html document? I want to make sure the
> > cookie is there/valid. (Thinking out loud.. maybe I can force all
> > requests through a cgi)
> That generally (always, in my experience) makes it slow to use a server.
> Every request needs parsing in a more cumbersome manner, and you can't
> navigate back and forth through what you've cached because most
> webmasters seem to not care about letting caching work sensibly.

The slowness depends on how your cgi executes.  If it is a perl
script loading perl on every hit it will be slower.  If you
use php, mod_perl, fastcgi, speedycgi, java, etc. where the
interpreter is loaded once for many hits you won't really see
a speed difference.  Some of the mod_perl application frameworks
also hook into the apache authentication mechanism to
work a little more directly.  There are also a large number
of apache authentication modules.  I haven't looked at those
recently but you might find one that lets your app supply
a cookie which will subsequently be accepted directly by
apache.  As far as caching goes, it shouldn't make any
difference.  Anything with basic authentication set should
not be cached anyway except by the local browser.

  Les Mikesell
    lesmikesell at gmail.com

More information about the fedora-list mailing list