User Management

ropey has asked for the wisdom of the Perl Monks concerning the following question:

Hello Fellow Monks

Currently the application I am supporting has a simple user management solution, a user gets given a rank from 1-5 where all facilities are available to *super users* with rank 5, a lesser amount of facilities to *admin users* with rank 4 and so on and so on.

The problem which is starting to emerge is there application is used by different *groups*, and this current situation group a, with rank of 4 can change group b's settings.

In the future, I forsee it getting it even more complicated, as there may be multiple new companies, each having multiple groups and multiple users

Now I could start looking at enhancing the simple system to allow groups, however I think I am getting to the point where its obvious there’s a wheel somewhere which I don’t want to re-invent, so has anyone any suggestions of a good alternative to meet my needs ? must be able to support users/groups, users with different privileges, be able to access via a perl application to authenticate, be facilities to manage users ?.... I know its out there, I just am blinded to where

Comment on User Management

Replies are listed 'Best First'.
Re: User Management by cazz (Pilgrim) on Apr 27, 2005 at 03:34 UTC
There are a ton of group management solutions out there, but the first to come to mind is LDAP. Then let someone else admin who is in what groups and what roles those groups have.	[reply]
Re: User Management by cbrandtbuffalo (Deacon) on Apr 27, 2005 at 13:26 UTC
We're going to LDAP to solve some of the same issues (we used to use DCE, but I think we were the only people on the planet, so it's going away). LDAP is nice because it is widely used, very stable, and has multiple perl modules that hook into it, both for query and update. There are also apache hooks as I was recently informed: Persistent LDAP connections in Apache.	[reply]
Re: User Management by dragonchild (Archbishop) on Apr 27, 2005 at 12:44 UTC
Essentially, you want a roles-based solution. You could hand-roll one - they're not that hard. Or, you could just use an off-the-shelf solution like LDAP. shrugs The Perfect is the Enemy of the Good.	[reply]
Re: User Management by eibwen (Friar) on Apr 27, 2005 at 03:44 UTC
When I read the first paragraph of your post, I found your setup akin to IRC, but as your post progressed, I immediately thought of Linux itself. Do you really need to implement this in perl? Perhaps a UML solution?	[reply]