Difference between revisions of "Design Specs: Authorization and Authentication"

From WormBaseWiki
Jump to navigationJump to search
Line 30: Line 30:
 
http://gmod.org/wiki/GBrowse_2.0_HOWTO#Configuring_the_User_Account_Database
 
http://gmod.org/wiki/GBrowse_2.0_HOWTO#Configuring_the_User_Account_Database
  
====Installing the necessary Perl modules====
 
  
The login module needs to process OpenID transactions. It also needs to send outgoing email, which nowadays frequently requires authentication between the GBrowse web server host and the mail hub. The following additional libraries and modules are required for basic functionality:
 
 
;'''Digest::SHA1'''
 
:For creating and storing passwords. Available from [http://www.cpan.org CPAN] or as Debian package or as Debian package libdigest-sha1-perl.
 
 
;'''Crypt::SSLeay'''
 
:For OpenID authentication. Available from [http://www.cpan.org CPAN] or as Debian package libcrypt-ssleay-perl. This module in turn requires the [http://www.openssl.org/ OpenSSL package], Debian package ''libssl-dev''.
 
 
;'''Math::BigInt::Pari''' or '''Math::BigInt::GMP'''
 
:These libraries speed up Net::OpenID::Consumer, and in particular reduce the time needed to run the Net::OpenID::Consumer tests. To use the Pari module you will first need to install libpari (http://pari.math.u-bordeaux.fr/).To use GMP install libGMP (http://gmplib.org/). Debian users can simply install ''libmath-bigint-gmp-perl''.
 
 
;'''Net::OpenID::Consumer'''
 
:For OpenID authentication. Available from [http://www.cpan.org CPAN] or as Debian package ''libnet-openid-consumer-perl''.
 
 
If your preferred mail server requires user authentication to forward outgoing mail, then you will also need the following two modules:
 
 
;'''Net::SMTP::SSL'''
 
:Encrypted connections to mail servers. Available from [http://www.cpan.org CPAN] or as Debian package ''libnet-smtp-ssl-perl''.
 
 
;'''Authen::SASL'''
 
:Handle the authentication between mail client and server. Available from [http://www.cpan.org CPAN] or as Debian package ''libauthen-sasl-per''l.
 
  
 
== To Explore ==
 
== To Explore ==

Revision as of 16:32, 8 February 2010

Objectives

This element will need to work with the core code of the web application to implement user authorization and authentication. Catalyst has great support for this already, but we will also need to build a user database for enabling greater customizability.

Is customization mainly for GBrowse? Are there any data that should not be available to public?

customization: user can store a specific object eg. sequence,

1. Users will be able to create new accounts, or log in to the system using an Open ID

2. User preferences will be stored in a back-end database...


different ways to do this

1. Catalyst simple login ; cookies; session management

2. advantages and disadvantage of using those modules

Gbrowse Compatibility

Gbrowse2 user registration and login system

An optional user registration and login system allows users to register stable GBrowse accounts and to keep their settings and custom tracks when they move from one computer to another.

http://gmod.org/wiki/GBrowse_2.0_HOWTO#Configuring_the_User_Account_Database


To Explore

Catalyst::Plugin::Authentication

http://search.cpan.org/~flora/Catalyst-Plugin-Authentication-0.10016/lib/Catalyst/Plugin/Authentication.pm

And for Credential verification:

http://search.cpan.org/perldoc?Catalyst%3A%3AAuthentication%3A%3ACredential%3A%3AOpenID

Here are some docs on Auth/Auth:

http://search.cpan.org/perldoc?Catalyst::Manual::Tutorial::05_Authentication


Catalyst Tutorial on Authentication: http://www.catalystframework.org/calendar/2008/19

This module might also be useful: 

Catalyst::Extension::SimpleLogin
Retrieved from "https://wiki.wormbase.org/index.php?title=Design_Specs:_Authorization_and_Authentication&oldid=4012"