On Thu, 27 Feb 2003, Perrin Harkins wrote: > Jean-Michel Hiver wrote: > > Yes, but you're then making the authorization layer inseparable from > > your applicative layer, and hence you loose the interest of using > > separate handlers. > > It's pretty hard to truly separate these things. Nobody wants to use > basic auth, which means there is a need for forms and handlers. Then > you have to keep that information in either cookies or URLs, and there > is usually a need to talk to an external data database with a > site-specific schema. The result is that plug and play auth schemes > only work (unmodified) for the simplest sites.
Anyone using PubCookie? http://www.washington.edu/pubcookie/ -- Bill Moseley [EMAIL PROTECTED]
