Authentication and autorization
We have a large website which is controlled by PERL scripts which in turn basically redirect the users to some contents (like pdfs,docs etc.) without any authentication and authorization. The site runs in intranet and Apache is the web server.
The requirement is that we need to implement authentication using a web service call and authorization using a local MySQL DB. The controlling PERL scripts will be grouped into protected and unprotected, and whoever is authenticated and authorized can view all and the rest can view only the unprotected.
The initial idea was to go for sessions and update each PERL script to have the authentication/authorization check but as the number of scripts are more than 100, we were wondering if there is an alternate way by which we can achieve this.
As a side note, if the user tries to access, any pages in the web site, the user has to be redirected to the login page where he will be authenticated and authorized.
I apologize in advance, if I've posted this in the wrong place.