Hi , I got the idea. Thanks for your replies. Regards, Vera On Monday 11 November 2002 15:59, you wrote: > Hi Vera, > > Have you tried searching the archives for authorization/authentication? > There has been a lot of discussion in this group about how to handle user > authentication. To me much of it boils down to how much control you have > of your Apache server. If you are the admin, you would probably want to > use Apache's built-in mechanisms (or a mod_perl module such as > Apache::AuthDBI). If you don't have that much control, you may be forced > to including authentication/authorization into your module. The > cgiapp_prerun() method is a good place to add your > authentication/authorization checks. > > Hope that helps, > William On Sunday 10 November 2002 16:35, you wrote: > Hi, > > This just teaches me that I need to look at CPAN every stupid time I do > something :) > > I am talking about CGI::Session.. The one problem I do have with it is that > it uses files and it doesn't use by default Storeable which seems a lot > more flexable than Data::Dumper for this perpose at least as I understand > it. Right now I am struggleing a bit with an app that uses storeable, but I > need to pass though any possible values that could be in a query string, > this is so that we can deal with an affililate program, but one we don't > nessicary know the names of the values. I am finding more and more that as > much as I love CGI.pm I don't find its query param data as easy to work > with as a plain hash ref. So more and more I am just dumping the ->param > into a hash. I feel a little guilty about this, I don't know why. > > I am not sure I undestand what you are doing with user tracking, but I have > found a combination of Apache authentication with groups and database > storage of those groups/user info works out well. So part of your program's > task on any access would be to look at the remote user env var, look them > up in the database, and get a list of groups they belong too, the sucky > part of this is that to be correct, you have to duplicate your effort, make > groups with Apache auth as well, and just keep track of what is done in > your database. The program can do all of that, but it is still duplication > to have the rules in the DB as well as the .htaccess .htgroup files. I > used this basic idea to write a custom forum / calendar a while ago, it > works, and I can't think of a better way without using mod_perl and making > a customer authentication handler. > > > Eric > > At 05:24 PM 11/10/02 +0300, vd wrote: > >Hi from a newbie, > > > >I'm getting started building a user friendly application using > >CGI::Application,HTML::Template and a database(currently it's DB2) > >It should track a user, handling session, authenication, authorization. (A > >user could belong to different groups of users, each group having > > different permissions). I'm considering using Cookies and maybe > > CGI::Session for the session management, but I don't have idea yet how > > to handle authorization on a directory level and which modules would > > suit. > >Any recommendations, examples or links to online articles would be of > > great help. > > > >Thanks, > >Vera > > > >--------------------------------------------------------------------- > >Web Archive: http://www.mail-archive.com/suppressed/ > >To unsubscribe, e-mail: suppressed > >For additional commands, e-mail: suppressed > > (250) 655 - 9513 (PST Time Zone) > > "Inquiry is fatal to certainty." -- Will Durant > > > > > > --------------------------------------------------------------------- > Web Archive: http://www.mail-archive.com/suppressed/ > To unsubscribe, e-mail: suppressed > For additional commands, e-mail: suppressed --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/suppressed/ To unsubscribe, e-mail: suppressed For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.