[Melbourne-pm] Perl web application framework recommendations
daniel at rimspace.net
Tue Aug 17 08:23:35 CDT 2004
On 17 Aug 2004, David Dick wrote:
>> Unfortunately, this only gives access to the very broken HTTP
>> authentication layer which, while useful for small scale work, tends to
>> be problematic for real-world applications in my experience.
> i actually tend to like HTTP auth because it makes automating a site
> with wget/et al trivial as distinct from fooling around with session
> cookies and POST requests, which, while possible is not fun.
I agree completely -- it is a great shame that basic auth falls short of
real-world requirements for login/user session management, since the
alternatives are awful, horrible and impossible to support
>> Specifically, the lack of any way to 'log out' of the system and the
>> difficulty in implementing any sort of single sign on across servers
>> are usually the killers out in the wild.
> the ability to log out has become a little weird imho, given that the
> major browsers offer to "remember" password fields anyway, so the
> ability to log back in again is usually a click away.
Most of the time when this has been an issue it has been one big thing
that was the problem: the law.
A number of places I have worked at have had various regulatory issues
that mean you *must* offer a logout option, and that it *must* terminate
the relevant access, etc, controls. Sure, not quite a match for the
technology that remembers passwords, but that is the law for you.
Even without that it is often desirable to know that the user has
finished with something -- I am occasionally irritated when I need to
administer my RT install, because it is hard to log out and back in as
another users, but not impossible.
> single sign on is a necessary thing sometimes thou, and as mentioned by
> paul the mod_perl.com example is a good one. It just depends on whether
> your application needs to jump across multiple domains.
Yes. I am very pleased to have learned about that, and will probably go
and study up on the apache2 hook structures in greater detail. Clearly
they are more capable than I had believed.
 I know. Trying to get an automated process to work with LiveJournal
was a world of irritation that I could well have lived without.
A silly remark can be made in Latin as well as in Spanish.
-- Cervantes, _The Dialogue of the Dogs_, 1613
More information about the Melbourne-pm