[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Authentication & creation of new databases




On Sun, Apr 6, 2014 at 1:36 AM, herman vierendeels <..hidden..> wrote:
talking about authentication ,

could we also think about certificate authentication ?

Can you clarify?  Certificate-based single-factor authentication?  Or certificates as one of two factors?

2014-04-05 14:55 GMT+02:00 Erik Huelsmann <..hidden..>:
> Hi Chris,
>
> Looking at the auth code currently in login.pm and LedgerSMB.pm as well as
> the exceptions in lsmb-request.pl, I'm coming to the conclusion that
> LedgerSMB.pm has been coded based on the assumption that every request needs
> to be authenticated against the database and that if authentication fails,
> an auth popup should be returned.
>
> However, as it turns out, this situation causes problems when the database
> doesn't actually exist, or when the application "only" wants to
> authenticate, but not generate a full request series (such as the
> login.pl:authenticate() function).
>
> I'm thinking we can resolve the issue we're seeing now by:
>
>  * Stopping to connect to the database in LedgerSMB.pm:new()
>
> And instead:
>
>  * Factor out the database connection logic
>  * Factor out session initialization logic (the part which is based on the
> DB connection)
>  * Introduce a mechanism whereby a module (e.g. login.pm) can signal
>    one or more of its actions doesn't want a preconnected database handle
>  * Make database connection and session initialization explicit parts of
> lsmb-request,
>    if the module doesn't disallow it
>
> This way, we can remove any implicit auto-connection to the database from
> all lower level calls.
>
> What about it?
>
> --
> Bye,
>
> Erik.
>
> http://efficito.com -- Hosted accounting and ERP.
> Robust and Flexible. No vendor lock-in.
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Ledger-smb-devel mailing list
> ..hidden..
> https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel
>

------------------------------------------------------------------------------
_______________________________________________
Ledger-smb-devel mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel



--
Best Wishes,
Chris Travers

Efficito:  Hosted Accounting and ERP.  Robust and Flexible.  No vendor lock-in.
http://www.efficito.com/learn_more
------------------------------------------------------------------------------

_______________________________________________
Ledger-smb-devel mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel