Most back-end frameworks have pretty good starting points for these types of things.
I know in Rails most people use acts_as_authenticated which sets up everything for you with a few calls on the command line. I would imagine you aren't using ruby but I'm sure there is similar set ups for the other languages and frameworks. For me at least, I feel like I need to base these kinds of choices on everything that I'm getting and what I wont be able to do because of that choice. That framework is in java so everything else will have to be also, you also have to figure out how you want to structure your whole app, if you structure it in a way that isn't secured by your login system then non of this matters. That's why I would look for a web framework first and look for a authentication system to tie into it. Also keep in mind that there are different types of login systems, do you just need to log in or are there different types of access( admin and public ). If so you will need something that deals with roles. I'm sure you can figure it all out, I just wanted to make sure you didn't get into anything to deeply and not know about any of this. -Tyler Larson On Mar 6, 2008, at 11:45 AM, Marc Hughes wrote: > Someone sent me this... > > http://kasai.manentiasoftware.com/ > > It's the authentication/permissions piece of a project. > > It looks like the best starting point so far. I may end up using that > and build something upon it since it gets you half way there. > > -Marc > > On Wed, Mar 5, 2008 at 11:29 AM, Marc Hughes > <[EMAIL PROTECTED]> wrote: >> From what I understood, open ID is a specification for how to do a >> cross-domain single login. >> >> But thinking about it, maybe there's an open implementation of >> Open ID >> that would be what I'm looking for. I'll have to investigate that >> route sometime soon. >> >> -Marc >> >> >> >> On Wed, Mar 5, 2008 at 9:14 AM, Zárate <[EMAIL PROTECTED]> wrote: >>> Hi there, >>> >>> Have you seen Open ID already? >>> >>> http://openid.net/ >>> >>> An open and decentralized identity system, designed "not to >>> crumble if >>> one company turns evil or goes out of business" >>> >>> Cheers, >>> >>> Juan >>> >>> >>> >>> On Wed, Mar 5, 2008 at 1:24 PM, Marc Hughes >>> <[EMAIL PROTECTED]> wrote: >>>> Blogs, CMS, bulletin boards, chat systems, social networks, most >>>> RIA's... they all have something in common. Users. Users need to >>>> sign up and log in. Why is it that each system, even open source >>>> systems, end up implementing their own User management >>>> system? I bet >>>> there's several million login form implementations out there by >>>> now, >>>> that's stupid. >>>> >>>> So, does anyone know of any open source user management / >>>> subscription systems? >>>> >>>> In general I'd want things like >>>> >>>> - Allowing users to sign up (email verification, catpcha support, >>>> configurable list of user details to require) >>>> - Assign various access levels (or attributes?) to users. >>>> - Allow users to log in / log out >>>> - Detect multiple failed logins for a user or from a source >>>> host with >>>> configurable temporary lockouts >>>> - Provide a simple API to use in applications that build upon >>>> it to >>>> get login status & access level (preferably language-agnostic) >>>> - Mechanism for retrieval of forgotten passwords (email? security >>>> question(s)?, combination?) >>>> - Provide a simple html based UI to handle all of these functions >>>> (including administrative functions like approving, disabling, >>>> changing access, etc.). >>>> - Provide an XML-RPC or AMF based interface to perform all of the >>>> functions so it's easily customizable by application that >>>> builds upon >>>> it. >>>> - Mechanism to include paid subscriptions >>>> >>>> There's a ton of full-featured CMS systems out there like drupal, >>>> postnuke, etc. But I'd really like a very basic user management >>>> system that was designed to be built upon. I fear starting >>>> with one >>>> of those all-encompassing packages would result in a lot of >>>> unneeded >>>> complexity, and a giant security risk in code that I don't even >>>> need. >>>> >>>> Weird thing is I've needed this for a personal project for a while >>>> now, and my day-job just asked me the exact same question >>>> yesterday. I >>>> have to believe there's a huge demand for it. >>>> >>>> Thanks for any info, >>>> -Marc >>>> >>>> p.s. much of this email copied from blog, sorry it the tone >>>> sounds weird. >>>> >>>> _______________________________________________ >>>> osflash mailing list >>>> [email protected] >>>> http://osflash.org/mailman/listinfo/osflash_osflash.org >>>> >>> >>> >>> >>> -- >>> Juan Delgado - Zárate >>> http://zarate.tv >>> http://dandolachapa.com >>> http://loqueyosede.com >>> >>> _______________________________________________ >>> osflash mailing list >>> [email protected] >>> http://osflash.org/mailman/listinfo/osflash_osflash.org >>> >> > > _______________________________________________ > osflash mailing list > [email protected] > http://osflash.org/mailman/listinfo/osflash_osflash.org _______________________________________________ osflash mailing list [email protected] http://osflash.org/mailman/listinfo/osflash_osflash.org
