On Monday 07 November 2005 12:37 pm, Ludovic Rousseau wrote: > > That's an interesting project. How do you plan to integrate it in gdm > for example? > Will it be like on Windows: gdm asks for the PIN as soon as you insert > a smart card in a reader (without asking for the login first)? > > I did not know that gdm, kdm, ... had a support for plug ins. > My experience is with the GINA technology (Windows), so my daemon represents somewhat the winlogon service sending smart cards insertion and removal events to the GINA (gdm ?) - then a "pin" dialog box appears if a card is inserted/replaced by a regular dialog box if the card is removed prior to login.
once logged-in, removing the card locks the screen. Windows has two ways of doing that: 1) CSP: plugins that register themselves and get called by the original GINA (those are about to disappear) 2) rewriting the GINA (that was my choice) ... but I'm not sure it was the best one. I have been talking with the gdm people and I understand that adding such feature would require revamping their code, I'm also looging at xdm and the issues are the same ... I think. So I'm also looking at rewriting a complete logon manager (my best bet I think) with that architecture in mind. Looking at gdm and xdm (written in C), it seems a _lot_ of the code is "utility-oriented" ex: string management. So I'm seriously thinking of using a scripting language (I'm partial toPython) to simplify matters. I am currently looking at non-X509 solutions: my card applications simply check the pin code and return the password, username, domain. So there is no certificate signature going on. Assuming I make it, I would hate for my architecture to not represent other needs such a as X509 support: I will keep MUSCLE posted and have no problem this becoming a MUSCLE project. > Please continue. I will Regards, Philippe > > -- > Dr. Ludovic Rousseau > For private mail use [EMAIL PROTECTED] and not "big brother" Google > > _______________________________________________ > Muscle mailing list > [email protected] > http://lists.drizzle.com/mailman/listinfo/muscle -- ************************************* Philippe C. Martin SnakeCard, LLC www.snakecard.com ************************************* _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
