In article <CUUSc.31580$ih .24315@fed1read 07>, Carl J. Hixon wrote:
I am setting up a web site and have questions about security. I would like
to use a forum script like phpBB, I would also like to use a CMS package
like Mambo, and a file sharing system. Since I will be storing confidential
content and the forums are for authorized users only...I'd like all of these
packages to use the same user authentication. Furthermore, I'd like to
allow users to be able to create an account but not access the files until
their account is approved (phpBB) has this feature built in.
I don't know how to integrate all of the different packages that I plan to
use. Is using htaccess files a good way to go? If so, are there scripts
for managing user accounts?
Thanks for any help...
I don't know about all the packages you mention, but my package has a
"plugin model" that allows you to add "driver classes" when people sign
up, change password, etc.. (It was kind of meant for problems like
yours)
If you can access your authentication programmaticall y (Modifying the
database, etc..) you could write GenieGate plugin(s) for each package.
The drivers are object oriented, so they can simply inherit from a base
class.
Essentially, that is how it does the so-called "htpasswd" and DBM styles
of authentication.
I've written custom stuff to create directories and things like that
when people sign up.
There is a "Logger" driver that is used to log what methods are being
invoked, so you can see what methods you'll need to override.
Jamie
--
http://www.geniegate.com Custom web programming
User Management Solutions Perl / PHP / Java / UNIX