[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Entry Authentication
-----BEGIN PGP SIGNED MESSAGE-----
Ya know how we were talking about using cookies to keep track of users
once they login so they can submit entries and stuff like that? Well it
occured to me, why don't we just use the basic HTTP authentication modules
that come with Apache. Apache supports DBM user files which provides
excellent lookup speed with large lists of users (auth_dbm module). The
advantages are:
1) Easy to impliment (no special code for cookies/authentication)
2) No privacy issues assocaiated with cookies. (Server/browser does the
tracking auto-magically.)
3) Simple to maintain.
Bad:
1) Effects MySQL DB? Not sure.
2) Is the userid accessable??? There will probably be other places in the
site where we will want to leverage this info.
3) ???
- --
Aaron Turner | Either which way, one half dozen or another.
aturner@pobox.com | Check out the Red Hat Linux User's FAQ Online!
www.pobox.com/~aturner | http://www.pobox.com/~aturner/RedHat-FAQ/
All emails from this account are PGP signed. Lack of a signature is "bad".
PGP Key fingerprint = FB E1 CE ED 57 E4 AB 80 59 6E 60 BF 45 1B 20 E8
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNqUwbjM3jpXy1kJtAQFtWQP/Y66N2lMcu7fLTHZ3Es09ThNXplPIyoXI
OsoVWNPZFzgjaV0/STOF4LcdTSIs59hKH883SY2KqET7hWir8qiN458lH3Bkj7WK
HhIikVpSUOqkNvZ7utEQJW9ijbbR+5DnINZv8qMbrICtm3w112Md0pKAL4Sxg17a
1k8rJ35D3Z0=
=vcl1
-----END PGP SIGNATURE-----