[Melbourne-pm] Web auth meth
thogard at abnormal.com
Wed Sep 10 15:56:36 PDT 2008
Hi perl mongers,
I'm about to start a new project that is somewhat largish in scope and part of the workflow design we have involves using forms to login. That in its self is about as earth shattering as the LHC but the discussion turned into what framework we intend to use and how we are going do the user authentication. It seems to be that every web browser on the planet know about Basic Auth and most know about Digest Auth and Digest Auth seems to be about secure as anything when used with SSL. So why reinvent a session logging system when there doesn't appear to be a need? So I've been asking around looking for why some of the more complex systems are used. The biggest reason cited so far is "You can't make a nice looking login form"... hmmmm.... I think thats not entirely true.
Consider a standard web form that asks for user name & password. It tends to have a target of a
The disadvantages seem to be every framework doesn't want to work this way.
Any comments on this?
More information about the Melbourne-pm