Re: [dwm] [OT] least sucking authentication for web?

From: Archie Elberling <archie_AT_codersoffortune.net>
Date: Wed, 28 May 2008 15:34:09 +0100

<20080527100841.GA10641_AT_serveme.ngw.local>
<d91b1098ec6e5f039322a121298522f1_AT_localhost> <20080528134202.GA24897_AT_fisher.waxandwane.org>
Message-ID: <043223702ebc25bb4f1bca731d0d1f56_AT_localhost>
X-Sender: archie_AT_codersoffortune.net
Received: from blueice4n2.uk.ibm.com [195.212.29.92] with HTTP/1.1 (POST); Wed,
        28 May 2008 15:34:09 +0100
User-Agent: RoundCube Webmail/0.1
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit

Now thats an interesting idea - having a user frontend which reads/writes
to
 the htpasswd files, I may well look at doing that.

The main problem with htpasswd though is that you can't restrict based on
parameters passed (at the moment, you goto pagename?edit to edit a page,
for
instance), which would make anything other than simple global accesses hard
-
if anyone knows better than that,I'd like to know.

I did also briefly look at openid as an option (whilst I don't know the
quality of the implementations, the idea seems reasonable). Unfortunately,
there
is not a C implementation, so I would have to start from scratch.

As for the suckless part, well, I'm fairly resigned to having to write it
myself
(there isn't much in the way of pure C web code out there at all). I hadn't
considered
making it a separate library until now, but I guess there might be a call
for it after
all... (assuming of course that you are writing in c, or that php can
interface with c
libraries? I don't really know any php).

Regards,
Archie

On Wed, 28 May 2008 09:42:02 -0400, Ross Mohn <rpmohn_AT_waxandwane.org>
wrote:
> I, too, have been wrestling with this. I have a small community website
> with authentication. It's too big to maintain userid/passwds by hand, so
> I want the users to be able to self-register (after approval) and, more
> importantly, request their passwd resets with emailed confirmation.
>
> I've been trying to slim down Authman Free[1], but it certainly does not
> suckless :-(
>
> Any ideas? -Ross
>
> [1]http://www.authman.com/
>
Received on Wed May 28 2008 - 16:35:13 UTC

This archive was generated by hypermail 2.2.0 : Sun Jul 13 2008 - 15:45:34 UTC