On 9/1/05, Michael Peters <suppressed> wrote:
> I wonder if this plugin shouldn't be called CAP::Authen, rather than
> just CAP::Auth. It validates that the user is who he says he is
> (authentication), but not whether or not they have access to a given run
> mode (authorization).
I'm open to name changes, but what you are describing is exactly what
I am planning. I think the two are different enough that separating
them into two plugins is the right decision.
I planned on tackling Authorization after I had a good chunk of the
Authentication side finished. It also needs to have a flexible system
that allows users to write their own Authorization mechanisms, since
there are lots of different ways of dealing with Authorization.
As for names, I was going to go with Auth and Authz, but Authen
doesn't sound too bad either. Or maybe go with the full names...
Cheers,
Cees
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.