cutlass2006 has asked for the wisdom of the Perl Monks concerning the following question:
I am seeking wisdom about the current 'state of the art' with respect to user authentication in a typical mod_perl (v1 or v2) environment.
this has been a question, oft asked by other brothers of the monastery, for example;
http://www.perlmonks.org/?node_id=464495here is a sample of stock (and very good) response;
- investigate CGI::Session
- read CGI::Session::Tutorial
- investigate Apache::Session
- investigate Mason w/ Apache::Session
- session cookbook at http://search.cpan.org/~sherzodr/CGI-Session-3.95/Session/CookBook.pm
- other modules at cpan e.g. http://search.cpan.org/author/LDS/HTTPD-User-Manage-1.6
- should I even contemplate Google's AuthSub or YAhoo BBAuth or *gasp* AOL OpenAuth / MS Live Contacts API?
my particular need is further complicated by the requirement to manage users across the following;
unix user/groups: enforcement of perms on files and execution
svn repository: enforcement of svn groups and users
database: integrate with db users
apache users: integrate with http auth
I know that its unlikely that there exists any single approach to solving this problem ... any top tips ?
some ruminations;- should I opt to for a single svn or linux user to represent application then have the notion of application users / groups?
- probably should define user/groups in data layer then transform from there
- is there any specific module/framework that is more appropriate
- there maybe more authentication schemes later on to integrate.
thx in advance, Jim Fuller
Update: In the end I decided to go with LDAP and was pleasantly surprised