Resources

For information about how the HTTP protocol handles authorization, take a look at Web Client Programming with Perl, by Clinton Wong (published by O'Reilly and Associates). This book covers most of the basics of HTTP, including the authorization protocol.

For more information about securing your web server, a combination of on-line and printed materials seems to do the trick. For starters, see the Apache on-line documentation (at http://www.apache.org/) and the ApacheWeek newsletter (http://www.apacheweek.com/), both of which contain tutorials and lessons in how to control access to your web server.

Web Security and Commerce, by Simson Garfinkel with Gene Spafford (O'Reilly and Associates) contains nearly one full chapter on securing your web site using access permissions and includes two small Perl programs that allow administrators to create new users, and users to change their passwords.

Apache: The Definitive Guide by Ben Laurie and Peter Laurie (O'Reilly and Associates) is fairly useful overall, and contains a chapter on authorization. However, the information is not as complete as the on-line documentation and glosses over information that would be useful.

For useful and very readable information and background on message digests and network security, look at Network Security: Private Communication in a Public World, written by Charlie Kaufman, Radia Perlman and Mike Speciner (published by Prentice-Hall).

Finally, those of you interested in the mostly free MySQL relational database should take a look at http://www.tcx.se/, the home page of the program's authors.