I should probably place a plug and say that the open source extropia 
authentication framework for Perl handles digital certificates, sessions 
with and without cookies, the unfriendly login screen, form-based logon 
screens in its default capacity.

As a company working on real projects, we've also adapted it to 3rd party 
authentication schemes so our applications could plug into proprietary auth 
mechanisms including a couple banks and a WAP portal (where asking 
passwords is a pain for WAP users).

The free stuff is in the extropiaperl project at sourceforge.net and the 
docs are at http://www.extropia.com/ExtropiaObjects/ including an extremely 
detailed chapter on the basic choices you basically have related to auth on 
the web.

Later,
    Gunther

PS It was mentioned you probably need LDAP for certs. The key word is 
probably. But it does add an additional layer of security and many 
*IMPLEMENTATIONS* of using digital certificates require the use of LDAP as 
a lookup data store to double check that the cert has not been revoked in 
real-time.

However, digital certs are not for the faint of heart; they aren't cross 
browser friendly, are a pain in the ass to mint unless you have bought a 
3rd party digital cert mechanism (or force the user to get one at 
Verisign), and require the use of SSL throughout the entire user session.

At 02:40 PM 10/17/00 -0500, Ian Frawley wrote:
>Is it not just possible through a perl module as I am not very clued up on
>digital certificates.
>
>Thanks
>
>Ian
>----- Original Message -----
>From: "John Saylor" <[EMAIL PROTECTED]>
>To: "Ian Frawley" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
>Sent: Tuesday, October 17, 2000 8:24 AM
>Subject: Re: Remembering Authentication
>
>
> > Hi
> >
> > ----- Original Message -----
> > From: "Ian Frawley" <[EMAIL PROTECTED]>
> >
> > > Is it possible to authenticate a user without having to use the
> > > unfriendly login box provided by browsers, without using cookies?
> >
> > 2 words: digital certificates
> >
> > This probably means a lot of infrastructure [LDAP, CA, smart cards ...],
> > but it will let your users authenticate without doing anything more than
> > clicking the certificate they want to use for authentication.
> >
> > \js
