Authenticating for multiple Catalyst apps
by sherab (Scribe) on Apr 09, 2012 at 13:53 UTC ([id://964131])
sherab has asked for the wisdom of the Perl Monks concerning the following question:
I am managing about 5 different Catalyst apps and we're now finally getting into a serious look at authentication.
The easiest thing would be to simply LDAP authenticate against Active Directory, but the company doesn't even have roles set up. When authenticating against AD, it requires two binds, the first being a user and password that simply can bind to AD and the next being the actual user name and password. The company is happy with doing this single bind using the user name and password, and I went ahead and built that using Net::LDAP. The idea is that if they have put in a valid user name and password, then they are authorized to use the app. What they're after is the ability to authenticate once and then just redirect to whatever app you want to use. I know that using DBIC I could just create one app and have it authenticate, and we could just store the session id in a separate database and from there go on to whatever app they want to use. The question is about jumping into a new Catalyst app after authenticating from another one, and I'm not so sure that just having that session id alone is enough.
The more I think about it, the more this seems to make sense... Given that we're storing a user name, password and session id already in a table after initial authentication, could we just use that session id to give someone entry into another Catalyst app? Anyone familiar enough with the process to throw in some advice? I really appreciate it.
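The shared session table asked about above, sketched as an added example that is not part of the original post and is not Catalyst or DBIC code. Assumptions: an in-memory hash `%SESSIONS` stands in for the shared database table, `/dev/urandom` is available, the function names and the 30-minute lifetime are hypothetical, and this sketch stores only a digest of the session id and the user name, not the password.

```perl
#!/usr/bin/perl
# Added example: a session table that several apps consult.
# %SESSIONS stands in for the shared database table (assumption).
use strict;
use warnings;
use Digest::SHA qw(sha256_hex);

my %SESSIONS;         # key: SHA-256 of session id => { user, expires }
my $TTL = 30 * 60;    # constructed value: 30-minute session lifetime

# Unguessable id: 32 bytes from the kernel CSPRNG, hex-encoded (64 chars).
sub new_session_id {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($fh, my $buf, 32) == 32 or die "short read from urandom";
    close $fh;
    return unpack 'H*', $buf;
}

# Called by the login app once the LDAP bind has succeeded.
# The table is keyed on a digest, so a leaked table does not yield usable ids.
sub create_session {
    my ($user, $now) = @_;
    my $sid = new_session_id();
    $SESSIONS{ sha256_hex($sid) } = { user => $user, expires => $now + $TTL };
    return $sid;      # this value goes to the browser as the cookie
}

# Called by every other app on each request: returns the user name,
# or nothing when the id is malformed, unknown or expired.
sub user_for_session {
    my ($sid, $now) = @_;
    return unless defined $sid && $sid =~ /\A[0-9a-f]{64}\z/;
    my $key = sha256_hex($sid);
    my $row = $SESSIONS{$key} or return;
    if ($row->{expires} <= $now) {    # expired: purge the row and reject
        delete $SESSIONS{$key};
        return;
    }
    return $row->{user};
}

my $t0  = time;
my $sid = create_session('alice', $t0);    # 'alice' is a constructed user
printf "valid:   %s\n", user_for_session($sid, $t0 + 60)       // 'rejected';
printf "unknown: %s\n", user_for_session('0' x 64, $t0 + 60)   // 'rejected';
printf "expired: %s\n", user_for_session($sid, $t0 + $TTL + 1) // 'rejected';
```

In this sketch the session id alone admits the user to any app that reads the table, so the cookie carrying it is the credential and would normally be restricted to HTTPS.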