NYCPHP Meetup

[R. Mariotti]

Gentlemen;

Subscribing and reading this list for some time now there is quite a bit 
of very valuable and useful info coming across.

I value your professional responses and would like to call upon them at 
this time?

In my position as primary designer/developer I have been challenged with 
designing/developing a new central authentication facility/mechanism for 
all applications on our Intranet.   We run several departments/divisions 
that have access to both their own unique and common apps, all delivered 
via Apache.

Currently each has its own style/type of authentication and 
authorizations and it has become very cumbersome and very unmanageable.

I thought with this new challenge I could wipe the slate clean and 
design something that could be used for all new development and apps and 
also be retro fit into the old apps over time.

Therefore I was wondering what other firms are doing to address this out 
there?   Immediately I can come up with a multitude of ways, but what is 
the norm?  What is the standard?  what is scalable and trasportable?

It is important to know that we are a 100% Linux and OSS shop with the 
exception of some 3rd party software and what ever is done must continue 
using oss.

I was thinking of an LDAP solution and creating one or more php modules 
to allow central access (i.e.: an app requires user authentication:  it 
includes_once or exec's the central module to accomplish then and stores 
a returned token or something with the session to determine successful 
authentication and permissions.

I would appreciate ANY ideas that any of you may have to address this 
and links to any sampes, templates, etc that would help.

Thank you again for any and all recommendations you can provide.

Bob