#2 How do I serve protected files to logged in users but not to

[Anonymous]

I very much like the complementary implementation of
Perl and Java scrript. The example works correctly
allowing my defined users to login and receive the
Welcome message. If they don't logout they can refresh
the Welcome message without logging in again.
I seem to be missing some understanding of how to
implement a secure tree of pages behind this utility.
If I redirect the user after login to a home page in the
webspace, it does get served but then any user could
get that page without logging in. If I redirect to files
outside of the webspace my server gives a 404 or 500
error. I do have control of the webserver and it is
currently a Win2k-server and the web server is Apache-
2.
I am sure you must have a schema for using the example
in earnest and I would really apreciate some guidance on
this.
Thanks,
Alan.

[Nobody/Anonymous]

Logged In: NO

I also need to do this. According to the explanation, the
server authenticates the cookie recieved using the IP address
as the variable data. The cookie age is then checked. After
working on this for a full day I have yet to see this work.

When hitting "reload" to see if the login page comes up, the
userid/pw is resubmitted by the browser anyway, so I don't
think this is an indication of it working. Closing all browser
windows, then starting a new browser and opening the link to
the mainProgram.cgi script still presents a login page.

I think I might have to hack the authentication method,
something seems to be broken there. Anyone have any other
suggestions?