On 24 May 2012, at 13:45, Kenneth S Mclane wrote: > Well since the passwords are maintained by a company wide system and can be > authenticated via LDAP, I don't think I want to reinvent the authorization, > since it is working. > I think I will just reinvent the role checking, which should be much simpler.
Erm? The role checking _is_ the authorisation?? You mean 'the authentication'? And I'm not suggesting you re-invent it… I was suggesting you continue to do it from LDAP? > My question is: can I store the role information in the user session? I'll be > reading up on that today. Maybe one day I'll get ambitious and figure out how > to do it the way I wanted to. sure, you can just subclass the user class with your own user class to override the 'roles' method, and the 'for_session' and 'from_session' methods to do what you want. Cheers t0m _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/