-----Original Message-----
From: Rafal Krzewski [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 20, 2000 3:34 PM
To: Turbine list
Subject: Validate in user class vs LDAP
>Craig,
>
>Not long ago, I submitted a patch from you that addressed
>the problem of custom authentication of users.
Yes; belated thanks for getting that into CVS for me.
>Now that we are working on LDAP backend for SecurityService,
>we came to the conclusion that it would be most feasible to
>access LDAP in the way that is similar to the way we access
>the database: there is a special user of the database
>(or directory server) that has full access to all the data
>used by the application.
That's necessary for such purposes as adding users, of course.
And it can certainly be used for single-user data access. But
the preferred mechanism for getting a single user's data is to
authenticate as that user and then grab the data. This minimizes
the potential for accidental or intentional abuse. The reasoning
is similar to why even users who have root access on Unix
systems don't always log on as root.
>The code that you wrote is very useful for the situations
>where the user's password is not retrievable from the
>authenticating authority.
Or in which it may be retrievable, but encrypted. Even if you
include client-side code to encrypt and compare, you're dependent
on the server-side encryption scheme never changing, which is a
slight danger. You must also provide a client-side encryption
implementation for each back-end scheme supported by the app.
Far easier to pass the password to the back end and let *it* do
the encrypt and compare. Again, the analogy to Unix's password
scheme is instructive.
>Good examples of such systems
>are NT domain controllers or IMAP servers. Now, I am
>wondering what was your original impulse to write that
>code, and how is it connected to LDAP.
I hope it makes more sense, now...further questions are welcome,
if not. And I'm *very* much looking forward to seeing the forthcoming
LDAP user mgmt. model for Turbine! (It'll be interesting to see how
much it parallels the code I've been playing with here, none of which
has approached releasable quality.)
--
Craig Berry
GlueCode

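As an added illustration of the bind-as-the-user approach Craig describes above (example code added here, not from the Turbine project or either author), a small JNDI validator that passes the password to the directory and lets the directory do the compare; the class name, server URL and DN layout are assumptions. It also rejects an empty password up front, because an LDAP simple bind with an empty password is treated as an anonymous bind and would otherwise succeed.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

/** Validates a user by binding to the directory as that user (hypothetical class, not Turbine code). */
public class LdapUserValidator {
    // Assumed server URL and naming layout; adjust to the real directory.
    private static final String LDAP_URL = "ldap://ldap.example.com:389";
    private static final String USER_DN_PATTERN = "uid=%s,ou=people,dc=example,dc=com";

    /** Returns the user's attributes if the directory accepts the bind, or null if it rejects the credentials. */
    public static Attributes validate(String username, char[] password) throws NamingException {
        // RFC 4513: a simple bind with an empty password is an anonymous bind
        // that succeeds, so it must be refused before it ever reaches the server.
        if (password == null || password.length == 0) {
            return null;
        }
        String userDn = String.format(USER_DN_PATTERN, escapeDn(username));
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, LDAP_URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, new String(password));
        DirContext ctx = null;
        try {
            ctx = new InitialDirContext(env);      // the bind happens here; the server compares the password
            return ctx.getAttributes(userDn);      // read only what this user is allowed to see
        } catch (AuthenticationException e) {
            return null;                           // wrong password or unknown user
        } finally {
            if (ctx != null) ctx.close();
        }
    }

    /** Escapes RFC 4514 special characters so a username cannot alter the DN. */
    static String escapeDn(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            if (",+\"\\<>;=#".indexOf(c) >= 0) sb.append('\\');
            sb.append(c);
        }
        return sb.toString();
    }
}
```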