On Tue, Aug 16, 2005 at 06:39:36AM -0700, Prakash Inuganti (pinugant) wrote:
> How do I restrict user access to certain run modes based on user role.
Lots of people have tackled this topic. Myself, I have a permissions
hash set in the instance script, and different instance scripts for each
role. I can then use the webserver to do user
authentication/authorization rather than each application. Obviously
that works well only when there are relatively few roles. But even with
many roles, you can delegate that off to another process. (a mod_perl
authorization handler, for example, that sets the role to an environment
variable.)
Regardless, I have a check at the start of each run mode in a limited
application. So I have checks like:
sub worker_run_mode {
my $self = shift;
return $self->public_run_mode() unless $self->allowed('Worker');
#actual run mode here
}
allowed() would be be a boolean subroutine to verify this login had the
named access.
Hope that helps!
--
SwiftOne / Brett Sanger
suppressed
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.