Guys, This is probably a very common question, so I will keep it breif.. perhaps someone could point me to an appropriate FAQ..
I am writing an app, that requires user authentication.. at the moment, it is actually only one CGI, and judging by it's size it's unlikely I will need to split it.. which possibly helps.. I would like to set up authentication, so that people have to log in to use it.. my usuall method is to use .htaccess, but this is quite a pain, as you then have to maintain usernames/passwords accross all the different subdomains etc.. The script resides in a mod_perl alias folder, and access-levels I can deal with internally, but the actual password protection I am a little unsure about.. Is it best to: - use .htaccess, and use a CGI (if you know of one) that allows managment of users... - use a PerlHandler script to do the auth? - some other thing... The server has an Admin system built in, which uses a perl-handler, and sets up / manages the server users...(along with everything else)... I was thinking of binding into this, but 2 probs.. 1 - the user Groups do not really reflect the access rights I wish to give out, so I would have to add another group, which means hacking appart the server admin cgi's... 2 - this ties it to being used on this particular server.. Anyway... any advice or right-direction-pointing would be great... Thanks in advance, Jimbo