Re: [Fwd: AuthenDBI idea]
At 08:37 PM 1/15/2001 -0800, you wrote:
> On Mon, 15 Jan 2001, Edmund Mergl wrote:
> > any comments ?
> > [count number of times a user has logged in and such things]

Hope I am not out of place here, and also that the ideas are generic enough to be applied to a wide number of authentication requirements. Here are two ideas.

I. The first idea for authentication: Provide a directive to perform a comparison on any or all fields of the current user's record. If the comparison is true, provide a URL to REDIRECT the original request. The supporting directives could be something like:

    Auth_DBI_comp {regexp}
    Auth_DBI_url "http://www.redirect.com/ok/"

Where regexp is a comparison string and url is where to REDIRECT the user if the comparison is true. The original request URL should be passed as a url ? argument, so that a REDIRECT cgi target script could determine the original requested url. The target script could update any fields as required.

The regexp needs to be able to easily access any arbitrary field values for the current user's record. Perhaps simply by pre-appending a '$' to the field name. For example:

    Auth_DBI_comp {$username='xyz' $usecount<4}

This would REDIRECT every login with field "usercount" less than 4 for field "username" equal 'xyz'. A pass and fail condition would also be needed, perhaps just designated as PASS and FAIL. Being able to specify multiple conditions per authorization attempt would be useful.

II. A second idea (for authorization) is to provide a generic way to set an Apache environment variable with the contents of any field for the current user. For example:

    Auth_DBI_env field1,field2

This would set two environment variables called "FIELD1" and "FIELD2" with their field data content of the current user's record. I suppose if the database had multiple records for a user, then the environment variables would contain a list of values.

Re: [Fwd: AuthenDBI idea]
On Mon, Jan 15, 2001 at 08:37:18PM -0800, Ask Bjoern Hansen wrote:
> On Mon, 15 Jan 2001, Edmund Mergl wrote:
> > any comments ?
> > [count number of times a user has logged in and such things]
>
> Other people would like to count / note / ... other things. It would be neater if you made an API the programmer could plug his own stuff into. Like "call this class/sub/foobar" when the user logs in, enters an invalid password, ...

I agree entirely.

Tim.

p.s. I have a patch in the works that makes AuthenDBI store all the fields in the user table for the given user into a $r->pnotes(). That way users don't have to query the user table again to get extra information, which can be very expensive for busy sites.

[Fwd: AuthenDBI idea]
any comments ?

Edmund

--
http://www.edmund-mergl.de
fon: +49 700 edemergl

Edmund,

I have an idea for AuthenDBI.pm. I have not tried to code it yet, however. The function would come in two parts:

A) Provide an option to keep a count of the number of times a user logs in. Store this value in a DBI field. (Other fields may also be considered, see below.)

B) Provide a directive to perform a comparison on any and all fields of the user who successfully logged in. If the comparison is true, provide a URL to REDIRECT the user.

The directives could be something like:

    Auth_DBI_logcount usecount

Where usecount is the DBI field name to record the number of times a user has logged in.

    Auth_DBI_compare {regexp} URL

Where regexp is the compare string and where URL is where to REDIRECT the user. I think that the original URL should be passed as a URL ? argument, so that the REDIRECT cgi target could determine the original request's URL.

The regexp would have to be able to easily use any arbitrary field values. Perhaps simply by pre-appending the field name with a '$', for example:

    Auth_DBI_compare {$username='xyz' $usecount%2} /cgi/newDBIpasswd.pl

This would run the "/cgi/newDBIpasswd.pl?original-URL" script every other time for user 'xyz'.

Other additional informational fields that may be considered are:

    Auth_DBI_time fieldname

to keep track of when the user last logged in.

    Auth_DBI_reject fieldname

to keep track of the number of bad log in attempts.

What do you think?

What did you think of my AuthzDBI.pm, "set field environment variable" hack, that I sent you yesterday?

Re: [Fwd: AuthenDBI idea]
On Mon, 15 Jan 2001, Edmund Mergl wrote:
> any comments ?
> [count number of times a user has logged in and such things]

Other people would like to count / note / ... other things. It would be neater if you made an API the programmer could plug his own stuff into. Like "call this class/sub/foobar" when the user logs in, enters an invalid password, ...

If you are nice you could then make the example code do the "count number of times logged in" thing. :-)

 - ask

--
ask bjoern hansen - http://ask.netcetera.dk/
more than 70M impressions per day, http://valueclick.com
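
The hook API suggested in this thread, sketched as an added example in plain Perl; it is not code from Apache::AuthenDBI or from any poster. All names (`register_hook`, `fire`, `handle_attempt`, the event names, the in-memory `%users` record) are hypothetical, and the password check is assumed to have been done elsewhere.

```perl
use strict;
use warnings;

# Constructed sample record standing in for a row of the DBI user table.
my %users = (xyz => { usecount => 0, rejects => 0, last_login => 0 });

# Event name => callbacks; each gets the user's record and request context.
my %hooks = (login_ok => [], login_failed => []);

sub register_hook {
    my ($event, $code) = @_;
    die "unknown event '$event'\n" unless exists $hooks{$event};
    push @{ $hooks{$event} }, $code;
}

# Run every callback for the event. The first defined return value is kept
# as a redirect target (the compare/URL idea); later hooks still run.
sub fire {
    my ($event, $rec, $ctx) = @_;
    my $redirect;
    for my $cb (@{ $hooks{$event} }) {
        my $r = $cb->($rec, $ctx);
        $redirect //= $r;
    }
    return $redirect;
}

# $password_ok is the result of the password check, assumed done elsewhere.
sub handle_attempt {
    my ($user, $password_ok, $uri) = @_;
    my $rec = $users{$user} or return ('FAIL', undef);
    my $event = $password_ok ? 'login_ok' : 'login_failed';
    my $redirect = fire($event, $rec, { user => $user, uri => $uri });
    return $password_ok ? ('PASS', $redirect) : ('FAIL', undef);
}

# Plug-ins: the counters proposed in the thread.
register_hook(login_ok => sub { $_[0]{usecount}++; $_[0]{last_login} = time; return });
register_hook(login_failed => sub { $_[0]{rejects}++; return });
# Every other successful login, redirect with the original URL percent-encoded.
register_hook(login_ok => sub {
    my ($rec, $ctx) = @_;
    return if $rec->{usecount} % 2;
    (my $esc = $ctx->{uri}) =~ s/([^A-Za-z0-9_.~-])/sprintf('%%%02X', ord $1)/ge;
    return "/cgi/newDBIpasswd.pl?$esc";
});

for my $try ([xyz => 1, '/private/a?x=1'], [xyz => 0, '/private/b'], [xyz => 1, '/private/c']) {
    my ($status, $redirect) = handle_attempt(@$try);
    printf "%s usecount=%d rejects=%d redirect=%s\n",
        $status, @{ $users{xyz} }{qw(usecount rejects)}, $redirect // '-';
}
```

A script that receives the original URL this way should treat it as untrusted input and only send the user back to paths on its own site.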