How do you authenticate users: via FM7 or PHP?

[epicrecipe]

Hello gang,

I'm developing a custom app in FM7, FMS7A and PHP/FX.php. Hosted on Win2003 Server running IIS6. Hopefully someone can advise on a high-level approach to user authentication. Here's what I need:

1 - Multiple users, each with specific functional access privileges.

2 - One class of management users must be able to create, edit and delete other users.

3 - Tracking sessions is nice, but not required.

4 - I am able to require users to allow cookies.

How would you approach this?

Authenticate via PHP

On every page, include a PHP function that verifies who the user is and reconcile that with permission to view the page. There is a good example of this option in the Bowers/Lane FMP 6 Web Development book. Is this efficient? Are their security concerns with setting session variables via cookies or on the server? Can you recommend other sources for PHP authentication?

Authenticate via FileMaker

The new Accounts & Privileges features in FP7 meet my criterion if the app was exclusive to FileMaker or published via IWP. How can I tap this logic using PHP? How can I write Scriptmaker scripts and then call them from PHP?

Thanks in advance!

Shannon

-=-=-

[kdubs]

Hi Shannon...

Did you resolve this problem in the end? Would be great if you could PM me to point me in the right direction...I'm facing a similar issue.

Cheers

[Garry Claridge]

My suggestion is that you control the access through PHP. That is, PHP just talks to FM via one UserID, all other user functionality and privileges are determined within your PHP program logic.

Good Luck.

Garry

[kdubs]

Okay thanks mate...