Re: Security

If you are using Apache server on Unix, then the type of security you seem to want is easy.

Apache's built-in basic authentication can use the following three files:

.htaccess (for defining what groups are allowed to use a directory);
.htgroup (for defining who is in a group); and
.htpasswd (for storing the names and encrypted passwords of users.)

For instance, let's say that you created a directory called SA and you only wanted users who are members of the SAgroup to have access. Then place in your SA directory an .htaccess file similar to the following:

AuthName "Security Solutions Center HelpDesk"
AuthType Basic
AuthUserFile /mypath/.htpasswd
AuthGroupFile /mypath/.htgroup
<Limit GET POST>
require group SAgroup
</LIMIT>
~
[download]

Your .htgroup file might look something like this:

SAgroup: NM1121 Ella Mojo
[download]

There are several ways to create your .htpasswd file of Apache users and their encrypted passwords. I like the htpasswd module on CPAN.

Comment on Re: Security Select or Download Code

Replies are listed 'Best First'.
Re: Re: Security by arhuman (Vicar) on May 23, 2001 at 20:20 UTC
Just for you to know : Be aware that Apache MD5 function used to store password, is not a standard one and is INCOMPATIBLE with Digest::MD5 or even other MD5 tools... "Only Bad Coders Code Badly In Perl" (OBC2BIP)	[reply]
Re: Re: Security by ok (Beadle) on May 24, 2001 at 00:40 UTC
++ Let Apache be your wheel!	[reply]


Think about Loose Coupling
	PerlMonks