Re: [cgiapp] How to split runmodes into different modules

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cgiapp] How to split runmodes into different modules

Subject: Re: [cgiapp] How to split runmodes into different modules
Date: Mon, 03 Apr 2006 08:33:11 -0400
From: Michael Peters <suppressed>


Michael Lackhoff wrote:
> On 31 Mar 2006 at 12:18, Jesse Erlbaum wrote:
> 
>> One other note, on which I have been harping for years:  If you are
>> about to tell me that you can't have a separate instance script for each
>> application because your login system would have to be duplicated in
>> each application, then you're doing things wrong.  Authentication and
>> authorization belongs in Apache -- not in your CGI-App module.
> 
> No, this is not the reason, why I want to split my application but 
> still, I am not convinced that authorization belongs in Apache. Say I 
> have an application with a company and branches. Now I want that a user 
> is only allowed to run the runmodes with data of the brach the user 
> belongs to.
> This info is within the application and Apache doesn't know anything 
> about it -- at least if I don't want to duplicate my branch layout in a 
> htgroups file or similar.
> Or if this case is still simple enough that with some tricks Apache can 
> use the info in the database, what about special cases where a user is 
> granted rights just for part of the info, say anything, except sallary? 
> The 'knowledge' about the different roles of users is inherently within 
> the application and I cannot see how Apache can do really flexible 
> access restriction without being part of the application.

Even the most complicated auth setup can be done in Apache using
mod_perl Authz and Authen handlers. Even though it's running at the
apache level, it's still a part of your application since it's
connecting to your database and has your business logic. It's just done
before your application has a chance to run.

-- 
Michael Peters
Developer
Plus Three, LP


---------------------------------------------------------------------
Web Archive:  http://www.mail-archive.com/suppressed/
              http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed

Follow-Ups:
- Re: [cgiapp] How to split runmodes into different modules
  - From: Michael Lackhoff
- Re: [cgiapp] How to split runmodes into different modules
  - From: Sean Davis
- Re: [cgiapp] How to split runmodes into different modules
  - From: RA Jones

References:
- RE: [cgiapp] How to split runmodes into different modules
  - From: Michael Lackhoff

Prev by Date: RE: [cgiapp] How to split runmodes into different modules
Next by Date: Re: [cgiapp] How to split runmodes into different modules
Previous by thread: RE: [cgiapp] How to split runmodes into different modules
Next by thread: Re: [cgiapp] How to split runmodes into different modules
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.