[MKDoc-modules] MKDoc::Auth
William McKee
william at knowmad.com
Tue Mar 30 18:47:09 BST 2004
On Tue, Mar 30, 2004 at 05:06:12PM +0100, Jean-Michel Hiver wrote:
> So it seems to me that I am going to have to release, in fact, 3
> separate modules:
>
> MKDoc::Auth - Authentication layer
> MKDoc::AccessRules - Authorization layer
> MKDoc::Auth::BasicRules - Deploys basic access rules for MKDoc::Auth on
> a given site.
>
> Does this make sense?
Hey Jean-Michel,
The three layers make sense to me. However, I'd think that MKDoc::Authz
would be a more intuitive name for the Authorization layer.
FWIW, I do authentication/authorization using the following tools:
CGI -
authentication - custom login; managed with sessions
access rules - hash of runmodes and permissions
authorization - via CGI::Application (check permissions cgiapp_prerun)
mod_perl -
authentication - Apache .htaccess and/or Apache::AuthCookieDBI
access rules - user/group restrictions
authorization - carefully placed instance scripts which only allow
access to authorized subroutines
Cheers,
William
--
Knowmad Services Inc.
http://www.knowmad.com
More information about the MKDoc-modules
mailing list