Re: Open Maket and FCGI Authorizer Question -Reply

Bill Snapper (
Wed, 26 Mar 1997 12:30:38 -0500

Message-Id: <>
Date: Wed, 26 Mar 1997 12:30:38 -0500
From: Bill Snapper <>
To: David Moulton <>
Subject: Re: Open Maket and FCGI Authorizer Question -Reply

David Moulton wrote:
> The way that the CONTACT_ID var gets set is via a lookup to a SQL database. I have the
> logic such that if REMOTE_USER, REMOTE_PASSWD, and CONTACT_ID have values already, a
> lookup to the database is not done, but the values are passed on through to the next page.
> I have verified that DB lookups are not being made when I access multiple pages in one of
> the protected dirs, so it at least appears that the CONTACT_ID is remaining in this case.
> I assume I am just missing some brain cells here.

I can see REMOTE_USER and REMOTE_PASSWD remaining across requests but
how is CONTACT_ID remaining?
> On a somewhat unrelated note, I have a couple of additional questions.
> I am thinking of using a cookie to hold the contact_id. Will an authorizer be able to see
> the HTTP_COOKIE var, assuming it is properly set?
I've not tried it but I can't see why not.

> Also, there are times when I need to authorize a person onto my site, but send them to a
> page other than the one that they requested. Is this possible? How?

Sure, do a redirect from your authorizer.

- Bill -

Bill Snapper           | Open Market, Inc.   | My opinions are my own,
Software Engineer      | 245 First St.       | and not necessarily | Cambridge, MA 02142 | those of my employer, 
1-617-949-7365         |                     | Open Market Inc.