Beefy Boxes and Bandwidth Generously Provided by pair Networks Russ
No such thing as a small change
 
PerlMonks  

Re: mod_perl web app design considerations

by valdez (Monsignor)
on Sep 03, 2002 at 20:11 UTC ( #194888=note: print w/ replies, xml ) Need Help??


in reply to mod_perl web app design considerations

Interesting meditation!

I have another solution. Keeping images, maybe large ones, in memory or in a database forces you to use mod_perl to deliver them: you have a long print that can be instead handled by apache itself. You are replicating content generation and embedding security inside this phase of apache's life cycle.

What you need instead is authentication, authorization and access control. Following this route you need 'only' to create directories with access rights embedded in their names. A dedicated access control can give authorization to display some content to the real apache, gaining in speed and modularity.

If you need to share images between many servers I think NFS fyle system is a better option. Some discussions about this option can be found on mod_perl mailing list.

Hope this helps. Ciao, Valerio


Comment on Re: mod_perl web app design considerations
Re: Re: mod_perl web app design considerations
by vladb (Vicar) on Sep 03, 2002 at 21:12 UTC
    thanks for your reply, valdez! :)

    You go on to say...

    What you need instead is authentication, authorization and access control.

    But for this to work, wouldn't I have to implement my own Apache module to intercept requests and do authentiation and authorization based on the value of the requested URI? At this stage, I've already written moderate amount of code (due to tight deadlines rather than hard reasoning :) for the www.pagekit.org MVCC framework. The actual framework is very sound and I've come to appreciate both it's simplicity and power. It is also easy to write handles to serve pretty much any content. I also had a past experience serving images from the database.

    However, what you are suggesting sounds very enticing. I will appreciate it if you send me links to some resources on the web where I can further delve into this subject. ;-)

    _____________________
    # Under Construction

      Here I am :)

      Chapter 6 from Eagle Book describes what you need:

      In this chapter, we step back to an earlier phase of the HTTP transaction, one in which Apache attempts to determine the identity of the person at the other end of the connection, and whether he or she is authorized to access the resource. Apache's APIs for authentication and authorization are straightforward yet powerful. You can implement simple password-based checking in just a few lines of code. With somewhat more effort, you can implement more sophisticated authentication systems, such as ones based on hardware tokens.

      You can find a copy of this chapter here. mod_perl Developer's Cookbook provides some other examples on the same subject.

      I understand your point about deadlines, I was talking about theory, real life is another story ;-)

      Good luck for your project. Ciao, Valerio

      But for this to work, wouldn't I have to implement my own Apache module to intercept requests and do authentiation and authorization based on the value of the requested URI?

      Rather happily, that's an awful lot easier than it sounds. A skeleton authentication handler looks like this:

      package Apache::AuthAny; # file: Apache/AuthAny.pm use strict; use Apache::Constants qw(:common); sub handler { my $r = shift; my($res, $sent_pw) = $r->get_basic_auth_pw; return $res if $res != OK; my $user = $r->connection->user; unless($user and $sent_pw) { $r->note_basic_auth_failure; $r->log_reason("Both a username and password must be provided +", $r->filename); return AUTH_REQUIRED; } return OK; } 1;
      (that'll authenticate on the *presence* of both a username and password, via HTTP Basic Auth - obviously you'd want to substitute a real-world authentication scheme).

      The Eagle book gives full details, and some of it seems to be online here:
      http://modperl.com:9000/book/chapters/ch6.html
      (found through random Googling).

      hth, andye.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://194888]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (9)
As of 2014-04-19 05:05 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (478 votes), past polls