I have written a library to handle this. It is fairly secure
not allowing the password to be seen except as an MD5 digest. The
only requirement is being able to deal with the MD5 digest. For
instance I have a PgSQL Table with fields User ID, Username, Password,
and Status. I give each User and unique ID and the Password field
contains and MD5 digest of the password and I use status (boolean) to
tell me if the user is active or not.
If you are interested I could send you my library .. it's pretty
basic.
Jason k Larson
Web Developer++
CM> I guess simple HTTP authentication where I get the username and pass and
CM> check it with the database... Maybe encrypting.
CM> What would you recommend? I haven't done something like that before.
CM> It's my first project which needs authentication!
CM> Don't have a clue:)