Best way to differentiate accounts with one set of scripts?

Discussion in 'Perl Misc' started by Vinnie Murdico, Aug 17, 2004.

  1. Hi,

    I'm creating a series of Perl scripts that make up an entire web site.
    It works fine, but now I'd like to change it such that I can "replicate"
    this entire web site for multiple accounts for various customers.

    I don't want to make copies of the scripts for each hosted account,
    because errors and enhancements will then need to be replicated across
    multiple copies -- a maintenance nightmare.

    I thought about requiring users to "log in" first, and creating a cookie
    that contains their account name. Then when each script runs, it looks
    at the cookie and gets the account name and uses that to set variables
    for unique directories and files where that account's data would be
    stored, thus giving each account a unique data area.

    Is there a better way to do this that doesn't involve using cookies such
    that the scripts could determine which user account was in effect when
    it was run so it could look at the correct data location for that
    account?

    Thanks in advance for any ideas...

    -- Vinnie
    Vinnie Murdico, Aug 17, 2004
    #1
    1. Advertising

  2. Vinnie Murdico wrote:
    > I'm creating a series of Perl scripts that make up an entire web
    > site. It works fine, but now I'd like to change it such that I can
    > "replicate" this entire web site for multiple accounts for various
    > customers.
    >
    > I don't want to make copies of the scripts for each hosted account,
    > because errors and enhancements will then need to be replicated
    > across multiple copies -- a maintenance nightmare.
    >
    > I thought about requiring users to "log in" first, and creating a
    > cookie that contains their account name. Then when each script
    > runs, it looks at the cookie and gets the account name and uses
    > that to set variables for unique directories and files where that
    > account's data would be stored, thus giving each account a unique
    > data area.
    >
    > Is there a better way to do this that doesn't involve using cookies
    > such that the scripts could determine which user account was in
    > effect when it was run so it could look at the correct data
    > location for that account?


    I'm assuming that the scripts are running as CGI scripts. Provided
    that suEXEC or a CGI wrap is enabled, the home directory can be
    grabbed via the getpwuid() function:

    my $homedir = (getpwuid $<)[7];

    But how do you ensure that the scripts are accessed via the 'right'
    URL? Maybe not a usable idea, after all...

    --
    Gunnar Hjalmarsson
    Email: http://www.gunnar.cc/cgi-bin/contact.pl
    Gunnar Hjalmarsson, Aug 17, 2004
    #2
    1. Advertising

  3. Vinnie Murdico

    Guest

    "Vinnie Murdico" <> wrote:
    > Hi,
    >
    > I'm creating a series of Perl scripts that make up an entire web site.
    > It works fine, but now I'd like to change it such that I can "replicate"
    > this entire web site for multiple accounts for various customers.


    I think you first need to decide on a security model, then only once you
    have done that does it make sense to worry about this type of detail.

    > I don't want to make copies of the scripts for each hosted account,
    > because errors and enhancements will then need to be replicated across
    > multiple copies -- a maintenance nightmare.


    Where is the nightmare?

    foreach (@foo) {
    system "rm /blah/blah/$_/*.cgi";
    system "cp *.cgi /blah/blah/$_/";
    }

    I don't see how this solves anything, but I also don't see how it
    causes any problems.

    > I thought about requiring users to "log in" first, and creating a cookie
    > that contains their account name. Then when each script runs, it looks
    > at the cookie and gets the account name and uses that to set variables
    > for unique directories and files where that account's data would be
    > stored, thus giving each account a unique data area.


    Cookies are easy to spoof. Would your customers be happy with the
    fairly low level of security that this would provide?

    > Is there a better way to do this that doesn't involve using cookies such
    > that the scripts could determine which user account was in effect when
    > it was run so it could look at the correct data location for that
    > account?


    First you need to make the policy decision of how to authenticate users.
    Once you have them authenticated, it probably won't be all that hard to do
    the rest.

    Xho

    --
    -------------------- http://NewsReader.Com/ --------------------
    Usenet Newsgroup Service $9.95/Month 30GB
    , Aug 17, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    13
    Views:
    767
    Richard Tobin
    Aug 11, 2004
  2. Replies:
    5
    Views:
    484
  3. Jo
    Replies:
    7
    Views:
    483
  4. Hans-Joerg Unger
    Replies:
    2
    Views:
    1,751
    Martin Honnen
    Apr 10, 2007
  5. Stuart Harden
    Replies:
    1
    Views:
    1,045
    Alexey Smirnov
    Aug 31, 2007
Loading...

Share This Page