Authentication/Session? Library

This could hook into either LDAP or PAM to use system credentials. If we do this, requiring https for login would be essential.

Where should lists of who can do what be stored? LDAP?  http://uk2.php.net/manual/en/function.ldap-bind.php

It might be nice to allow presentation of credentials through HTTP basic auth. This would allow creation of limited-access RSS feeds for example. Pear has Auth_HTTP for this.

Things that need protecting, and the levels of access which might be required:

• Posting front-page announcements
• Member details: browse, add/edit, editing your own details?
• Library: browse, loan, edit
• Bananas: browse, award
• Blogs: posting to your own blog, adding comments ...
• GuestNet?: adding your own MAC, ...
• Managing permissions?
• Forum: browse, post, moderate, admin
• WebMail?
• Wiki
• Projects - svn, trac...
• Links: adding, approving