security library poll
Posted: Thu May 11, 2006 7:29 pm
So i've been slowly "in my off time" working on a security library which will handle:
1) Authentication/Identification
2) Authorization/Access Control
3) Session Management
Each is modular in design, using a driver approach for data storage or at least this is the hope (as I only have a working AdoDB working for #1) I can't say much more, cuz I don't know for sure...
The identification fields are variable, meaning if you wanna match against user/pass/email you can...or if you just wanna match against some other field, you can...
I have tried to work in optional fields, such as:
1) last login timestamp - updated on success
2) login attempts - incremented on failure, cleared on success
3) last attempt timestamp - updated on failed attempt
And just now I thought, it would be cool perhaps if the library assisted in restricting one person to an account...meaning someone logs in with user1/pass2 and 1 mins. later someone else tries with the same data, they are rejected, because you cannot login to one account at one time more than once...
Tongue twister there
Good idea or bad idea...
If a bad idea, explain why in a short post or your vote won't be considered...
Cheers
1) Authentication/Identification
2) Authorization/Access Control
3) Session Management
Each is modular in design, using a driver approach for data storage or at least this is the hope (as I only have a working AdoDB working for #1) I can't say much more, cuz I don't know for sure...
The identification fields are variable, meaning if you wanna match against user/pass/email you can...or if you just wanna match against some other field, you can...
I have tried to work in optional fields, such as:
1) last login timestamp - updated on success
2) login attempts - incremented on failure, cleared on success
3) last attempt timestamp - updated on failed attempt
And just now I thought, it would be cool perhaps if the library assisted in restricting one person to an account...meaning someone logs in with user1/pass2 and 1 mins. later someone else tries with the same data, they are rejected, because you cannot login to one account at one time more than once...
Tongue twister there
Good idea or bad idea...
If a bad idea, explain why in a short post or your vote won't be considered...
Cheers