[geeklog-devtalk] [Feature] Distributed Authentication

mike at fuckingbrit.com mike at fuckingbrit.com
Tue Feb 1 08:00:17 EST 2005

Next message: [geeklog-devtalk] [Feature] Distributed Authentication
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Okay, I haven't looked at it AT ALL, so please bare with me ...

No problem.

>Since you obviously spent some time with Geeklog's authentication

>already: Do you think this would be usable?

I'm in bonnie scotland again, but as soon as I'm back I'll take a look
see...

>At first view, it seems to make a lot of changes in sensitive places, so

>I'm reluctant before I had a chance for a closer look ...

To quickly cover the frame of what's changed:

lib-common.php - Includes the XML RPC libs, as noted below, probably no
longer necessary.

lib-database.php - Adds one entry to $_TABLES

lib-security.php - Adds one function to do dist auth (no other changes)

users.php - Changes the if statement that compares $mypasswd with $passwd
(plus empty checks) to if ($authenticated), set $authenticated to the
result of the previous if statement check, and if not authenticated, and
dist auth enabled, and there is an @ in $loginname, then call the function
in lib-security to alter $authenticated.

config.php - added one $_CONF variable.

But I'm more interested on whether or not it's a feature (in general terms)
geeklog is interested in having than a hard or fast yes/no on my
implementetation. Is dist auth something that is likely to make it into CVS
providing I get it right...

>The usual: "When its done". Maybe some time in Q1 ...

OK so it's not something you have a fixed idea of, not something that means
I should descope some of my personal 1.3.12 aims for is all I needed to
know.

>On a technical note: You included an XML-RPC lib in your patch. Geeklog

>1.3.12 already relies on PEAR::XML_RPC for the Ping and Pingback stuff,

>so that would not be needed. And PEAR::XML_RPC is pretty much

>Usefulinc.com's old XML-RPC lib anyway, so it's 99% compatible.

I'll change Blogger.auth.class.php to use that. I wasn't aware it was using
PEAR::XML_RPC, I use your blog plugin (registered), which uses usefulinc's
libs so I just went that route as I thought it was most likely choice.

Mike

--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .

Next message: [geeklog-devtalk] [Feature] Distributed Authentication
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devtalk mailing list