Re: ftp and Nautilus

From: Alexander Larsson <alexl redhat com>
To: Laszlo Kovacs <Laszlo Kovacs Sun COM>
Cc: Nautilus <nautilus-list gnome org>
Subject: Re: ftp and Nautilus
Date: 17 May 2004 12:23:10 +0200

On Fri, 2004-05-14 at 16:09, Laszlo Kovacs wrote:
> Hello everybody,
> 
> This mail is about this bug:
> 
> http://bugzilla.gnome.org/show_bug.cgi?id=114572
> 
> A number of bugs have been closed as a duplicate of this one so there 
> seems to be some interest for it.
> 
> This bug has taken up a lot of time probably because of the wrong 
> approach for fixing it (sticking a patch in bugzilla and then reworking 
> it several times as people complained about it).
> 
> What I am trying to understand is how the authentication behaviour in 
> Nautilus should be. Some people think that anonymous login should be 
> tried before asking the user for username/password if one has not been 
> provided. This complicates things a bit.

I don't think this is quite right. We shouldn't be trying anon before
asking for user/password.

First of all, in the cause of a normal user using nautilus, we will
basically never (or very seldom) encounter uris with a username in them.
Browsing, following symlinks and all the non-uri-typing ways to get to a
protected share will lead to a user-less uri. (And we want to handle
authentication basically the same for all backends, because all backends
have this issue.)

Secondly, even though ftp is often used anonymously we can't just assume
that, since that means you can't log in with a username on a site where
anonymous login is allowed. 

However, we do want to make it easy to do an anonymous login on ftp (and
other backends). So we can't require the user to know about protocol
details like the "anonymous" user. 

Given this, I think the model we want is:
* On a protected share, always pop up an authentication dialog
* If the user didn't fill out the dialog, but clicked ok (and not
cancel), try to do an anonymous login using the methods availible
protocol
* If the password is saved on the keyring for an anonymous login, save
empty username/password in the keyring, since we don't want to save
protocol-specific details (that might change in later versions of the
protocol, or change when e.g. the ftp server is upgraded).

This makes it possible to log in both with name and anonymous, and it
uses the common "if you don't know what the heck the dialog is about,
just click ok" user feature to enable easy anonymous login. It also
exposes no protocol-specific things in the UI and is (hopefully)
implementable on all types of protocols.

This is essentially how the smb backend currently works, except due to
stupid libsmb issues it always tries anonymous if the user/password you
entered wasn't right.

If the username was in the URI, then we should just pass
GNOME_VFS_MODULE_CALLBACK_FULL_AUTHENTICATION_NEED_PASSWORD for the
flag, not GNOME_VFS_MODULE_CALLBACK_FULL_AUTHENTICATION_NEED_USERNAME,
but fill out the username field in the callback so it'll be shown in the
dialog. For the special case of ftp, if the uri specifies the user
anonymous we should probably try to do an anon login without showing a
password dialog at all first.

Do you think this model will cause any problems with ftp?

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc 
                   alexl redhat com    alla lysator liu se 
He's a lonely native American Green Beret on his last day in the job. She's a 
high-kicking insomniac Valkyrie living homeless in New York's sewers. They 
fight crime!

Follow-Ups:
- Re: ftp and Nautilus
  - From: Christophe Fergeau
- Re: ftp and Nautilus
  - From: Calum Benson

References:
- ftp and Nautilus
  - From: Laszlo Kovacs

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]