On 4/2/06, Kevin <[EMAIL PROTECTED]> wrote:
> Cees,
>
> Thank you for your reply.
>
> I have the Authentication portion working properly. If I wanted to break up
> the runmodes using different modules depending on the users privileges,
> would CGI::Application::Dispatch be the way to handle the different
> modules?
You can, but you don't have to. You could just create two separate
instance scripts, that load two different modules. It makes sense to
create a base class that both of these modules inherit from so that
you can share the common code between them (like the authentication
and session stuff).
Here is a brief structure that might help get you started:
package MyBase;
use base qw(CGI::Application);
use CGI::Application::Plugin::Session;
use CGI::Application::Plugin::Authentication;
use CGI::Application::Plugin::Authorization;
__PACKAGE__->authen->config(
DRIVER => ['HTPasswd', '/etc/apache/htpasswd' ],
);
__PACKAGE__->authz->config(
DRIVER => [ 'HTGroup', '/etc/apache/htgroup' ],
);
1;
package MyAdmin;
use base qw(MyBase);
__PACKAGE__->authen->protected_runmodes(':all');
sub cgiapp_prerun
my $self = shift;
if (!$self->authz->authorize('admin')) {
# Does this user belong to the admin group?
$self->prerun_mode('authz_forbidden');
}
}
sub myrunmode {
my $self = shift;
# only users with admin group previleges should be able to get here
}
1;
#!/usr/bin/perl
use MyAdmin;
MyAdmin->new->run;
package MyOther;
use base qw(MyBase);
__PACKAGE__->authen->protected_runmodes(':all');
sub myrunmode {
my $self = shift;
# anyone that is logged in can access this one
}
sub myprotectedrunmode {
my $self = shift;
return $self->authz->forbidden unless $self->authz->authorize('foobar');
# only users in the right group can access this one
}
1;
#!/usr/bin/perl
use MyOther;
MyOther->new->run;
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/[email protected]/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]