[Melbourne-pm] Perl web application framework recommendations
Daniel Pittman
daniel at rimspace.net
Mon Aug 16 20:50:32 CDT 2004
On 17 Aug 2004, Scott Penrose wrote:
> On 16/08/2004, at 11:15 PM, Daniel Pittman wrote:
>> On 16 Aug 2004, Paul Fenwick wrote:
>>> Tim Hunt wrote:
[...]
>> Unfortunately, this only gives access to the very broken HTTP
>> authentication layer which, while useful for small scale work, tends to
>> be problematic for real-world applications in my experience.
>
> It isn't as broken as you might think. If you use Digest Auth, there is
> no problem with password security. And most browsers these days support
> Digest.
*nod* This issue with it is...
[...]
> But sign out is a problem. There is an example Apache module (in Perl)
> which does this, but only works on a subset of browsers and relies on
> the browser honouring it. So that may be the show stopper for Basic
> auth for you.
This is the usual show-stopper. Most of the commercial web stuff I have
either dealt with or been around needed the ability to sign out, ideally
without giving the user back a 401 page of any sort, and with IE.
Daniel
--
A wonderful discovery, psychoanalysis.
Makes quite simple people feel they're complex.
-- S. N. Behrman
More information about the Melbourne-pm
mailing list