So, one could, I suppose, run miniserv.pl locally, and build a web or whatever UI frontend using whatever tools you liked. Converting XML-RPC to a lighter protocol (I also like JSON for this; I've recently done some conversions of some modules to provide JSON rather than HTML for us with a jQuery frontend) wouldn't be overwhelming. Adding the ACLs back in probably would be...but you might want control over that in your front end anyway, if you're wanting to leverage Catalyst, which already has some conception of users and groups and such.

I just re-read this and realised an important point: miniserv.pl and the web front-end both need to have all the ACLs and any other protective logic. You can't trust your web front end.

It shouln't be that hard to implement, though. You put your ACLs or whatever into a module and use the same module in both.

Catalyst is a great example of code that makes it really easy to implement your own ACLs, roles, whatever, so I really recommend taking some time with it if you haven't already.