[MKDoc-modules] MKDoc::Auth

Jean-Michel Hiver jhiver at mkdoc.com
Wed Mar 31 11:39:36 BST 2004

>The three layers make sense to me. However, I'd think that MKDoc::Authz
>would be a more intuitive name for the Authorization layer.

>FWIW, I do authentication/authorization using the following tools:
>CGI -
>    authentication - custom login; managed with sessions
>    access rules - hash of runmodes and permissions
>    authorization - via CGI::Application (check permissions cgiapp_prerun)
I am not yet completely clear what I am going to do about authorization.

Currently in MKDoc we've got some simple, hierarchical 'read/write' type 
permission, however this is not generic at all.

However as I'm modularizing MKDoc, I'm moving further towards a 
completely RESTful type of architecture in which every bit of 
functionality has its own URI. So I'm planning on making the 
authorization layer work with URIs.

It has the advantage to be completely application independant. As long 
as your apps use well-constructed URIs for each separate bit of 
functionality, there should be no trouble applying quite fine-grained 

I intend to get the authorization layer to work with access control. I 
have written a module, MKDoc::Control_List, which may serve as a 
low-level module for a potentially more sophisticated permissions / 
rules application.



More information about the MKDoc-modules mailing list