http://www.perlmonks.org?node_id=1029371


in reply to CGI server module?

What I would generally do is this:

First, shove the entire authentication/authorization problem off to LDAP (OpenDirectory), where it properly belongs in any organization of any size.   :-)   Apache/Nginix can interrogate those credentials to grant or to deny access on a site-basis.   (It can also make the user’s authenticated identity and authorized credentials known to the web application.)   IIS is especially good at this.

Second, use redirects to send the user to a locally-defined destination such as, say, www.appname.mycompany.com.   Or some appropriate intra-net location.   Set up each application, more or less as-is, in each place.

Yeah, you’re darn right ... you passed the buck.