RE: Authorization questions

Thu, 27 Apr 2000 13:46:44 -0700 

Different paradigm.  There aren't going to be any unix users corresponding to the 
users on the site (read: like an amazon.com user, not a unix user).  This is going to 
be used on a website for personalization stuff, and I think the potential of having 
1000000+ unix users is a bad thing for performance. ;)

So, it needs to be done in a database.

My main concern is not the querying of the database server...thats easy.  My question 
is the *way* the info is requested, and trying to fit that in well with Apache.

-----Original Message-----
From: Jerrad Pierce [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 27, 2000 1:45 PM
To: 'Michael Nachbaur'
Subject: RE: Authorization questions


Why not rely upon the underlying filesystem's ACL's...

Have the REMOTE_USER be in various groups on the system, to gain various
priveleges to various files... (and set euid and egid within your module)?

  o _
 /|/ |           Jerrad Pierce             \ | __|_ _|
 /||/           http://pthbb.org          .  | _|   |
 \||          _.-~-._.-~-._.-~-._@"      _|\_|___|___|


> -----Original Message-----
> From: Michael Nachbaur [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 27, 2000 16:39
> To: mod_perl Maillist
> Subject: Authorization questions
> 
> 
> I have a question.  I'm working on a project that requires 
> not only file-by-file authentication and authorization, but 
> task-by-task authorization within a file (for instance...read 
> access, but not write).  Basically, I'd like to have a 
> database table define permissions (which can be associated 
> with groups and users), and what type of permission it is: 
> file-level, or task-level (or external/internal).  Then, 
> provide methods that a perl program can use to ask "Am I able 
> to do this?".
> 
> Is there something out there that does this?  I'm planning on 
> writing a module to handle this, so if theres something that 
> I can start with, that would help things out a lot.  Also, if 
> anyone wants anything similar to this, let me know what 
> features you'd like, and I'll see if I can integrate 'em into 
> my requirements.
> 
> I'm also thinking of doing something similar for 
> authentication (because I'd like to have a login screen in 
> HTML, instead of having that HTTP popup login window.).  
> Anything out there that does this?
> 
> If this is a case of RTFM, could someone point me to where I 
> can learn more about this?
> 
> Thanks a bunch,
> -MN
>

Reply via email to