I am seeking wisdom about the current 'state of the art' with respect to user authentication in a typical mod_perl (v1 or v2) environment.
this has been a question, oft asked by other brothers of the monastery, for example;
http://www.perlmonks.org/?node_id=464495
here is a sample of stock (and very good) response;
- investigate CGI::Session
- read CGI::Session::Tutorial
- investigate Apache::Session
- investigate Mason w/ Apache::Session
- session cookbook at http://search.cpan.org/~sherzodr/CGI-Session-3.95/Session/CookBook.pm
- other modules at cpan e.g. http://search.cpan.org/author/LDS/HTTPD-User-Manage-1.6
- should I even contemplate Google's AuthSub or YAhoo BBAuth or *gasp* AOL OpenAuth / MS Live Contacts API?
my particular need is further complicated by the requirement to manage users across the following;
unix user/groups: enforcement of perms on files and execution
svn repository: enforcement of svn groups and users
database: integrate with db users
apache users: integrate with http auth
I know that its unlikely that there exists any single approach to solving this problem ... any top tips ?
some ruminations;
- should I opt to for a single svn or linux user to represent application then have the notion of application users / groups?
- probably should define user/groups in data layer then transform from there
- is there any specific module/framework that is more appropriate
- there maybe more authentication schemes later on to integrate.
thx in advance, Jim Fuller
Update: In the end I decided to go with LDAP and was pleasantly surprised
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|