On 28/07/2010, at 9:47 AM, Marica Tan wrote: > Yes I agree. > > Since we don't have a database in an agent, we can't do role-based > authorization. > > I think we need to have that database so we can provide that security for > the webdav interface as well as with the xmlrpc.
I don't think a database is the right answer to that - it probably doesn't need role-based permissions. We might be better having some sort of private/public key system to ensure the agent only gets used by the intended master, rather than actual user permissions. - Brett -- Brett Porter [email protected] http://brettporter.wordpress.com/
