Menu
▾
▴
Re: [phpesp-dev] Proposed changes.
|
From: James E. F. <jf...@uv...> - 2004-02-09 03:35:22
|
Matthew Gregg wrote: > On Sun, 2004-02-08 at 18:03, James E. Flemer wrote: --snip-- > >>Having thought about this a little more, I think phpESP needs a bit more >>of an AAA solution. Well, maybe we can ignore the third "A" >>(accounting) for now, and just focus on authentication (authN) and >>authorization (authZ). I think that we should try to use PEAR::Auth for >>authN possibly adding to that project to have an Apache pseudo-"storage >>container". Then we need a simple but flexible authZ system. Right now >>authN and authZ are all rolled up into one, which makes it difficult to >>leverage existing authN systems. With separate "modules" one could >>easily get authn with ldap/apache/etc, but use (a subset of) the >>existing phpesp database for authz, or write a new authz module. >> >>Or maybe we should make a PEAR::AuthZ module that is designed around >>PEAR::Auth. >> >>Comments? > > Erg.. you make stuff hard :-) > I'll read up on PEAR::Auth and think about this. Well, an interim solution could be just to implement an apache auth module for phpESP as I first mentioned. I imagine that doing so would probably only take a few lines of code for respondents, and maybe a bit more for designers (unless you provide uniform authZ for all designers). -James |
