On Wed, Jul 28, 2010 at 6:39 AM, Brett Porter <[email protected]> wrote:
> > On 28/07/2010, at 9:47 AM, Marica Tan wrote: > > > Yes I agree. > > > > Since we don't have a database in an agent, we can't do role-based > > authorization. > > > > I think we need to have that database so we can provide that security for > > the webdav interface as well as with the xmlrpc. > > I don't think a database is the right answer to that - it probably doesn't > need role-based permissions. > > We might be better having some sort of private/public key system to ensure > the agent only gets used by the intended master, rather than actual user > permissions. > I'm totally agree. Emmanuel > > - Brett > > -- > Brett Porter > [email protected] > http://brettporter.wordpress.com/ > >
