Hi John,
This new authentication model states that every IP address making
requests to ruote-rest must be listed in HOSTS table.
If host attribute 'trusted' is set to true, then the request doesn't
go through any more validations, just like Kenneth's whitelisting
feature. Besides, we added fields 'from' and 'to' which allow for a
very simple time of day check. So here is an example (taken from
'fixtures/hosts.yml'):
host_03:
id: 3
ip: "127.0.0.1"
trusted: true
from: NULL
to: NULL
this means: ip "127.0.0.1" is allowed to make requests to ruote-rest
trusted field is true, so this ip is treated as if
it were in a whitelist. (no more checks done)
from and to NULL means no time of day checks applies.
On the other hand:
host_01:
id: 1
ip: "192.168.168.1"
trusted: false
from: 9
to: 17
this means: ip "192.168.168.1" is allowed to make request to route-rest
trusted field is false so (basic auth and time of
day checks checks apply)
from and to states this ip can only make request
from 9AM to 5PM
If hope this lines clarify your doubts.
By the way, nice to see that new auth method is almost integrated. :)
Best regards,
//Gonzalo
2009/4/4 John Mettraux <[email protected]>:
>
>
> Now, could you please describe how you want basic authentication to
> interact with whitelisting ?
> Also, what does trusted => false mean ? Is it for "blacklisting" ?
>
--~--~---------~--~----~------------~-------~--~----~
you received this message because you are subscribed to the "ruote users" group.
to post : send email to [email protected]
to unsubscribe : send email to [email protected]
more options : http://groups.google.com/group/openwferu-users?hl=en
-~----------~----~----~----~------~----~------~--~---
