On Mon, 2009-11-09 at 10:07 +0000, Lukas Zeller wrote: > I just pushed this as "d468580dac (anonymous login: improved passing > anonymous login attempts to DB Api)" to luz on indefero.
There are quite a bit of changes in your "luz" branch and some unmerged ones in our "master". Should we merge the changes back and forth so that we are in sync again? > Now for your change - I disagree because it makes it impossible for a > DB plugin to handle invalid, anonymous AND regular logins. Okay. I reverted the change. > The purpose > of <requiredauth> is just an extra security barrier to set a minimal > login requirement. Setting it to "none" should not mean that > necessarily *all* sync attempts need no credentials, but allows that > *some* might not need them. In any case, the DB layer (or the > <loginXXX> scripts) decides about allowing a session or not on a case- > by-case basis. I didn't see a possibility to do that in the DB layer, at least not with the old code. > For a server that does not need any checking, just put a "return TRUE" > into <logininitscript>. That works. I added it to SyncEvolution "master". -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ os-libsynthesis mailing list [email protected] http://lists.synthesis.ch/mailman/listinfo/os-libsynthesis
