This is methodology related more than Perl related, but I'm using Perl to implement and PerlMonks is one of the best communities I've ever been a part of... so here it goes.

Bishop Summary: I'm having issues getting my head wrapped around the authorization patterns and would appreciate any input or pointers to documents that discuss this. I've done webapps and document management for many years, but the rules of engagement have always been dictated by the customer or the software. This is my first time at designing authentication from the ground up.

My applications will fall into three basic categories:

  • System report and documentation: I've got various Perl scripts digesting billing and log files from several systems to give us usage stats. There will also be a disaster recovery aspect to this, documenting the system's location, functionality and recovery process.
  • Document management: I'd like to use Lucene to create a search engine/knowledge base to find documents.
  • Process management: A ticketing/issue tracking system, outage/maintenance documents... And there will be some overlap.

Pretty basic stuff, where it gets more complicated for me is the authorization. Parts of this will be segregated by department and some sections will be by person, but it will be all role based.

At a page/webapp level, I figured it would be pretty easy. I would just pass the authenticated name and required role for the page against the user roles db and redirect if it failed.

The first area I get overwhelmed is the menuing. I've got the main menu in a strip across the top and then menus down the right side for the app, user role and quick links. Except for the main menu which will be fairly static, I'd like to build/maintain the context sensitive side menus from a DB.

The other issue I have is the knowledge base. How do I build a document db with Lucene, but tell the search engine that only certain roles can see certain docs?

I know TIMTOWTDI, but... and this seems to be a common thread to my posts... there seem to be patterns and best practices that everyone seems to know but me :).


--Jimbus aka Jim Babcock
Wireless Data Engineer and Geek Wannabe
jim-dot-babcock-at-usa-dot-com
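
The three places the post needs a role decision (page access, side menus, search results) can share one check. The following is an added example, not part of the original post: the user names, roles, URLs, redirect target and the idea of storing a role list with each document and filtering hits on it are all assumptions, with in-memory data standing in for the roles DB, the menu table and the search index.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample data; every name, role and URL here is hypothetical.
my %user_roles = (
    alice => { billing_report => 1, kb_reader => 1 },
    bob   => { helpdesk => 1 },
);
my @menu_items = (
    { label => 'Usage stats',    url => '/reports/usage', roles => ['billing_report'] },
    { label => 'Open tickets',   url => '/tickets',       roles => ['helpdesk'] },
    { label => 'Knowledge base', url => '/kb',            roles => ['kb_reader', 'helpdesk'] },
);
# Stand-in for search hits, each carrying the role list stored with the document.
my @search_hits = (
    { title => 'DR plan: billing host', roles => ['billing_report'] },
    { title => 'Outage runbook',        roles => ['helpdesk'] },
    { title => 'Unlabelled draft',      roles => [] },
);

# Single decision point: does the user hold at least one required role?
# Unknown users and items with an empty role list are denied (fail closed).
sub is_authorized {
    my ($user, $required) = @_;
    my $held = defined $user ? $user_roles{$user} : undef;
    return 0 unless $held && $required && @$required;
    return scalar grep { $held->{$_} } @$required;
}

# Page-level check: redirect target on failure, undef when access is allowed.
sub page_redirect {
    my ($user, $required) = @_;
    return is_authorized($user, $required) ? undef : '/denied';   # hypothetical URL
}

# Menus and search results reuse the same check as a filter.
sub visible {
    my ($user, @items) = @_;
    return grep { is_authorized($user, $_->{roles}) } @items;
}

for my $user (qw(alice bob mallory)) {
    my $redirect = page_redirect($user, ['billing_report']);
    printf "%-8s usage page: %s\n", $user, $redirect // 'allowed';
    printf "  menu: %s\n", join(', ', map { $_->{label} } visible($user, @menu_items)) || '(none)';
    printf "  docs: %s\n", join(', ', map { $_->{title} } visible($user, @search_hits)) || '(none)';
}
```

Filtering the menu only hides links; the page-level check still has to run on every request, because a hidden URL can be requested directly.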

    In reply to OT: WebApp Authorization Question by jimbus
