Re: ticketing solutions

[prev] [thread] [next] [Date index for 2005/04/22]

On Fri, 2005-04-22 at 13:59 -0600, Dan Brian wrote:
> My point was that I don't need a CPAN module to verify hashes. Features 
> could include a mechanism for rotating a key on the servers being 
> accessed, IP verification ...

Key rotation would be nice.  IP verification wouldn't be nice, unless
you're using it for an intranet app.  You can't expect people to use the
same IP from one request to the next.

> I didn't see anything on CPAN that does stuff like that, and wondered 
> if anybody had had experience with something "standard", or if this was 
> typically home-grown, as in my case.

There's not much that I'm aware of on CPAN that is specifically geared
to this.  I think a lot of people use Apache::AuthCookie and subclasses
of it.  I like mod_auth_tkt because it can handle protecting pages at
the proxy level and works across backend apps written in different
languages.

- Perrin