Hi there, 

I have created a working, fully functional apache module that I need
to have error checked for security purposes. This module is based on
mod_auth_cookie_mysql but I converted mysql to oracle version. Now, I
need to make sure that my module is error free and secured before I
deliver to production servers. Please reply to gosoojj@hotmail.com if
you can take look my custom module and check for errors for security
purposes.

Here is module information: 
1.  The module is built in C language to be a permanent addition to
the Apache 2.2 we are running on our Web/Download Servers. This is
Cookie Authentication module.
2.  The basic concept is that 'on-login' at our website; we create a
concurrent access to our download servers.  Any attempt to download
would go through this module for verification.  We check different
values against what is allowed.  Eg (downloads in the last 30 days) If
the verification is successful we allow the user to download the file,
if it is not successful the user is given an error message.
3.  We are using Oracle 9i. The module is using OCI (Oracle Call
Interface) to connect to oracle server.
4.  The cookie stored in the database is on a session basis only, and
is not a persistent cookie.  The cookie is created through a
significant method to verify that it can be unique and is necessary to
verify that the user is still the user that was authenticated at the
website.

If you need more information, please let me know. 
Thank you, 

JJ //