Best of Breed Choice: mod_perl
Embedding a Perl interpretter into Apache allows one to harness a lot of power! By building on component systems, CPAN libraries and the Apache API, we clearly benefit from an expanded breadth of possibilities using mod_perl.

For instance, to log into our publishing system, you must access the SSL virtual host. It's running the Apache::AuthDBI module to look up users in the database. We have our own PerlHandler that issues a cookie with connection characteristics hashed against a secret key. A PerlAccessHandler then verifies that user is permitted by checking the cookie values against the hashed data. Username and passwords never cross the wire in the clear thus users can access the publishing system across the public networks reasonably assured of security.

Session data is maintained with Apache::Session to prevent repeated SQL lookups as users access the system. Once we know who the user is, we can populate their session with some of their personal infoirmation, their group memberships and other vital data that we don't want to have to fetch from the database for every request.

Of course there's also a Logout handler to ditch the session and login cookies. All of this is accomplished with fairly simple code on top of CPAN modules and the Apache API.

Slide 32 of 37 Contents
  1 |   2 |   3 |   4 |   5 |   6 |   7 |   8 |   9 | 10
11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20
21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30
31 | 32 | 33 | 34 | 35 | 36 | 37
www.arachna.com > Educational Resources > Conference Presentations
spidaman
 		© 2000-2008 Ian Kallen | Copyright Notice