[Evolution] authentication



The addressbook and calendar backends will provide good abstractions. But in
practice, authentication is often involved (for an LDAP addressbook, for
example), and we need a way for the backends (in the wombat) to ask for
authentication information.

Authentication requirements may vary a lot. In camel, this is solved by
having a question (a string really) passed to the client; the user answers
the question, and another string is passed back as an answer.

So I'm proposing the following preliminary solution:

1. A client (the shell in our case) tells a control where it should be
looking for information.

2. The bonobo control tries to create something to reflect that (like an
addressbook or a calendar) in the wombat.

3. The PAS or PCS calls back to the client with a question.

4. The control pops up the question, which is answered by the user.

5. The answer is passed to the PCS or PAS.

Here are some interfaces that might work:

/* a client would expose this so the wombat can ask it questions */
interface EvolutionAuth {

        enum AuthType {
                STRING,
                PASSWORDSTRING, /* don't show the characters typed */
                FILE,
                BOOLEAN,
                DONTANSWER /* for error messages */
        };

        void AskQuestion (in string question, in AuthType atype);
}

We don't want the wombat to hang while the question's being answered, so we
give the answer in another interface:

interface EvolutionAuthResponse {
        void GiveAnswer (in string answer);
}



Something like that anyway.

Note that one of the questions could be, "Do you want me to remember this
password so I don't have to ask you again?"

Remember, authentication is a hard problem; so if you don't like the
solution, please post a suggestion for how things might work differently.

-Matt





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]