comment on

I think that you are thinking about this in a way that is more confusing and less natural than a basic authentication scheme needs to be. Using the method that you outline, you would need to:

check username against a file
send user to appropriate login page
authenticate user
send user to appropriate page if success
bail if not

You probably want to be storing username, a crypted password and permissions in the same file. This way you can:

authenticate user
send user to page based upon permissions if success
bail if not

This method is a much closer idiom to the tried and (fairly) true basic method of user authentication on *NIX. If you want to take it a bit further, set up a global sattelite network and implement Rabins' bounded storage model :)

The following code will hopefully give you enough pointers to up-jump your boogie and learn a bit about authentication schemes. Wrapping this into your CGI program is left as an exercise. Happy trails.

#!/usr/bin/perl -w
use strict;
$|++;

#---------------------------------------------------------------------
+---------
# Basic Auth and entitlement function set.  Read perldoc -f crypt for 
+a tad
# more information on crypt and salt (contains a nice function for ran
+dom
# salt).  Then go on and read many more tomes to get a tad more inform
+ation :)
#---------------------------------------------------------------------
+---------

my ( $username, $passwd ) = @ARGV;
if ( my $permissions = &check_passwd( $username, $passwd ) ) {
  print "$username is $permissions\n";
} else {
 print "authentication failed\n";
}

##
# check_passwd( $username, $password );
#
# returns group or permissions or whatever you have in the third colum
+n of your
# passwd file if username and password match
#
sub check_passwd ($$) {
  my ($input_username, $input_passwd) = @_;
  while (<DATA>) {
    my ($username, $crypted_passwd, $permissions)  = split ':';
    next unless $input_username eq $username;
    my $crypted_input_passwd = crypt($input_passwd, $crypted_passwd);
    if ( $crypted_input_passwd eq $crypted_passwd ) {
      chomp( $permissions );
      return $permissions;
    }
  }
  return;
}


##
# DATA file description and data (with unencrypted passwords, for test
+ing)
#
# username:passwd:permissions
# nob:bob:god
# rim:tim:angel
# hal:kal:devil
##

__DATA__
nob:a1ni5aPmumc2E:god
rim:jZR4taPdoUdwA:angel
hal:0ZYFuJV/xWRvc:devil
[download]

In reply to Re: ** MULTIPLE LOGIN AUTHENTICATION WITH PERL BASED ON ACCESS PERMISSION. by dug
in thread ** MULTIPLE LOGIN (remainder elided) by NodeReaper

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.