Michael Lackhoff wrote: > On 3 Apr 2006 at 8:33, Michael Peters wrote: > >> Even the most complicated auth setup can be done in Apache using >> mod_perl Authz and Authen handlers. Even though it's running at the >> apache level, it's still a part of your application since it's >> connecting to your database and has your business logic. It's just done >> before your application has a chance to run. > > Hmm. And how do I tell Apache that two users are permitted to view a > certain runmode but only one of them may see all the info?
That's a good question. I'm not convinced that this needs to be at the apache level, but it certainly could be. You could either create a subclass of the "normal" application that has the privileged stuff turned on, or simply create a new instance script (or "dispatch rule" if you're using C::A::Dispatch) which passes a "privileged" param into the application. Then use Apache to restrict access to that new instance script (or URL if you're using Dispatch). > e.g. in a template: > > <p>Some normal stuff</p> > [% IF user_is_in_group_x %] > <div>For your eyes only</div> > [% END %] You could even use the same template for both instance scripts/application modules in either of the above approaches. > And if I want to give it a try, where can I read more about these Auth* > handlers? http://www.modperlcookbook.org/chapters/ch13.pdf http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthzHandler http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlAuthenHandler Good hunting. -- Michael Peters Developer Plus Three, LP --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/[email protected]/ http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2 To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
