Authentication (ACL) - Challenges - Solutions - Dilemmas

[eluser]Pascal Kriete[/eluser]
Randy,
I appreciate your level-headed reply.

As for the 100$. I derived it from the fact that this will be a three part application. I see the auth part to be at par (in terms of size/difficulty to implement properly) with the other two parts, so I extrapolated the cost. It was indeed an unfair estimate to make.

I can certainly see the benefits of a true 'drop-in' solution.

direct interface with JS frontends and the JSON encoded return to an AJAX login requests

I saw mention of the async request to get the unique id, which is certainly clever (doesn't degrade, but I'm not fussed about that). I haven't found mention of the json encoded return to the auth request. The demo simply refreshes. I think I might be missunderstanding something - pointers are appreciated.

it’s more secure than any other CodeIgniter authentication capability in existence

I can't really comment on that. On the one hand, I truly trust your programming knowledge. On the flip side, even open source security issues occasionally remain undiscovered for years.

Then this isn’t the solution for you.

We've certainly established that . Incidentally I fit into all three of the 'asks for free software' groups. Although I probably painted myself too stubborn. If I'm ever on a tight deadline to implement a thorough ACL, your solution is certainly one I will look at. When push comes to shove, I'm definitely willing to weigh my reservations with closed-source security software against a solid drop-in solution.

@michael., I use closed-source and hosted solutions every day. I run OSX, code in Textmate, write email through Yahoo and Google. I'm not about to dump it for an open-source project for the sake of open-source. I know that the corporate world operates quite differently from a 'mostly free' community and I respect that. Everyone has to pay the bills at the end of the month.

Again, thank you for remaining professional (as always),
Pascal