Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Web Authorization

by Eyck (Priest)
on Dec 29, 2005 at 06:43 UTC ( #519720=perlquestion: print w/replies, xml ) Need Help??

Eyck has asked for the wisdom of the Perl Monks concerning the following question:

Esteemed monks, I'm seeking a simple, multi-server, multi-app authorisation method. Those that I know of, are M$ Passport, Liberty Alliance's solution, and Stanford University WebAuth (

Do monks have any experience with those? Are there others worth mentioning? Why perlmonks isn't using them?

Replies are listed 'Best First'.
Re: Web Authorization
by davido (Cardinal) on Dec 29, 2005 at 07:55 UTC

    Why perlmonks isn't using them?

    Because PerlMonks isn't guarding any significant secrets, besides the combination to the St Wall shrine's maintenance access panel.

    Seriously, we allow posts by Anonymous Monk, which doesn't even require any kind of registration. The site has a moderation policy that seems to work fine for dealing with the occasional grafitti, and we use simple login techniques that also seem to work fine for our lightweight needs.

    The account numbers for the saintly fortunes are all stored off-site. ;)


Re: Web Authorization
by aquarium (Curate) on Dec 29, 2005 at 11:27 UTC
    the most used "industry strenght" cross-platform and cross-system authentication systems are: LDAP, Radius, no particular order. there are perl modules also for the above.
    the hardest line to type correctly is: stty erase ^H
Re: Web Authorization
by parv (Vicar) on Dec 29, 2005 at 21:05 UTC
    Are you really looking for an authORIZation method and not for authENTICation one? Authorization checks if a person is allowed to perform a certain task; while authentication checks if a person really is what they claim to be.
Re: Web Authorization
by jhourcle (Prior) on Dec 29, 2005 at 14:30 UTC

    I'd second Kerberos ... RADIUS and LDAP can handle authentication, but they're not really geared for the same sort of thing (where the authenication service doesn't necessarily trust the server that's doing the authentication).

    As for reasons why Perl Monks isn't using it, I couldn't say, but it was discussed a while back in Single Sign-On?

    As for my experience w/ remote authentication, it's mostly in LDAP, and I've done a little work w/ RADIUS, but I'm no expert in it. (they're simple, and if you control all of the servers that are doing the authentication, they're fine)

Re: Web Authorization
by perrin (Chancellor) on Dec 29, 2005 at 19:54 UTC
    There are dozens of others out there, and they have been listed here before. If you search for Passport I expect you will find the other questions about them.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://519720]
Approved by perl_lover
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (7)
As of 2023-02-05 14:53 GMT
Find Nodes?
    Voting Booth?
    I prefer not to run the latest version of Perl because:

    Results (31 votes). Check out past polls.