I guess this means this journal has been superseded
This led me to find a very nice talk about it too.
I think the message I most clearly got from the talk is that Catalyst and Perl are a wonderful platform to work on. The reasons for this are:
These two points make me feel very confident that Catalyst is by far the most attractive platform to be working on right now, even if perl doesn't have the nicest syntax, or requires more discipline from the programmer.
The new Catalyst authentication framework was released today! (note that the link might be broken - cpan mirroring is not behaving well recently... the pause incoming directory contains the files for now. As a last resort try downloading manually from https://pause.perl.org/pub/PAUSE/ but that requires PAUSE credentials)
This was a long awaited rewrite in the catalyst community. I'm glad to report that it's finally up!
The old plugins confused authorization with authentication, and other things. The details on the why part were posted previously.
The released plugins were Catalyst::Plugin::Authentication, Catalyst::Plugin::Authentication::Store::Htpasswd, Catalyst::Plugin::Authentication::Credential::TypeKey, Catalyst::Plugin::Authorization::Roles and Catalyst::Plugin::Authorization::ACL, with Catalyst::Plugin::Authentication::Store::DBIC expected shortly.
We've posted beer bounties for various tentative Catalyst projects...
Please come and see if anything interests you:
The new authentication plugins will be released very soon, and e need as much testing is we can get from testers, and as many requests for new stores/credentials from users (coding and documentation help is also gladly accepted). These plugins were rewritten to replace the big, heavily duplicated mess that is the current state of authentication plugins for Catalyst.
The design is very modular. For example, storage and verification are decoupled:
use Catalyst qw/
or even optional - Catalyst::Plugin::Authentication::Credential::TypeKey can be used in conjunction with a store, or without one.
Moreover, role based access control is entirely separate (Catalyst::Plugin::Authroization::Roles).
The idea idea is to make it very easy to mix and match logic and backends freely, and get integration with session plugins, authorization plugins and so forth for free.
We also have a very exciting plugin which is totally new - Catalyst::Plugin::Authorization::ACL.
As usual, the best place to join is is the catalyst channel on irc.perl.org.
In an effort to improve Catalyst's public relations I decided to write in this journal occasionally. Let's see if I can keep this up.
To start this off I'd like to announce that the rewrite of the session plugins is finished, and they have been released.
These plugins make support for all the session goodness more stable and flexible. They let you easily write state and storage plugins (e.g. cookie state, DBI memcached or fastmmap stores) easily, and then mix and match them without a headache.
In the works is a plugin for more fine grained expiry (each key in the session data can be expired independently), and a massive rewrite of the authentication/authorization plugins (naturally with good integration with sessions), that is getting the same kind of consistency and usability.
If you'd like to help (we mostly need testing), come and join us on the #catalyst on irc.perl.org. Our development is being done in the Catalyst SVN repository, where you can find our work in progress.