Re: Best authentication methods for CGI <- PERL -> DBI
- From: amonotod@xxxxxxxxxxx
- Date: Wed, 8 Nov 2006 5:43:10 -0800
---- louis gonzales <gonzales@xxxxxxxxxxxxxx> wrote:
Hello Dist,
What are some best practices on an initial form taking a PW/ID from a
user to login.
Personally and professionally, I prefer to maintain my account structure in an external database, such as LDAP, and let the webserver do the actual authentication (session based authentication, doesn't get lost from page to page). I then only have to manage authorization and access control (using $ENV{REMOTE_USER}). Fact is, I've so far managed to avoid having to write my own authentication scheme, but wouldn't anyway, since there are so many good modules[1] out there...
There are many tools[2] for letting users manage their own LDAP account details, which you can wrap in a form of your liking. It is also possible to put together an page that would allow them to reset their password with knowledge of a "secret" question/answer passphrase. It's a bit of a classic, but it's a good classic, one the works...
1) http://www.modperl.com/
2) http://ldap.perl.org/
HTH,
amonotod
--
`\|||/ amonotod@ | sun|perl|windows
(@@) charter.net | sysadmin|dba
ooO_(_)_Ooo____________________________________
_____|_____|_____|_____|_____|_____|_____|_____|
.
- Prev by Date: script not working correctly
- Next by Date: Re: Insert/Update performance issues with Oracle 10gR2 + DBI + DBD::Oracle
- Previous by thread: script not working correctly
- Next by thread: Retrying a fetch after an error, without restarting the whole loop?
- Index(es):
Relevant Pages
|
|
