jest has asked for the wisdom of the Perl Monks concerning the following question:

Wise monks,

I have a database application that has two levels of authentication: a standard Apache-based authentication to get into the site in the first place, based on IP addresses kept in httpd.conf and then on an htpasswd file if the IP doesn't work, and then an application-level login, based on checking against a database, saving user info (e.g. access levels) in a server-side session with one-hour expiration, and passing a random session ID in a cookie.

Most of my users do not have write/edit access to the database, just read access. They are also in specific corporate locations with fixed IP addresses. I have recently gotten complaints that it's a pain to have to log in all the time to use the database--this should, people think, be necessary only for people making changes.

What would be the best way to set up authentication on this basis? I'm imagining that anyone without a cookie then has their IP address via $ENV{REMOTE_ADDR} checked against a list, and setting a cookie with read-level permissions. Anyone needing a higher access level could go to a login page that will ignore the IP authentication when setting the cookie.

Is this sensible, and secure? Are there other modules or procedures that would be a better way of handling this? And is there any easy way to avoid duplicating the IP list between httpd.conf and the program? There are a number of different access levels stored in a database, it's not just a simple yes or no.

Thank you for any advice.