The more I look at this the more it seems like we need a DBI-esq (as in a general API with several backends) for querying AND maintaining user/role/group data. Authen::Simple is half way there with the query interface but it doesn't provide a way to update the backend. Then my project would be a simple application based on this Auth.* API. But then I wonder if those different backends provide ways to be updated via Perl. For instance the POP3 backend is easy to query but doesn't provide a way to update it.

Perhaps I look more into expanding the existing modules to allow updateing of the data in a consisten manner, and then build my application/module on top of that.

I could always start with just a single DBI based driver layer and let others expand it to other auth.* systems