
Re: WEBDAV Security



> as a "subcomponent."  This is a component of the overall technology
> that should stand on its own.
------------------
True...



> An approach that could be taken would be to specify an
> interface standard that would pass authentication data (user, realm,
> etc.) to a component that would be responsible for obtaining
> authorization information, e.g.:
> 
>   1.  Application-layer:  "Is 'user' allowed to do 'x'?"
> 
>   2.  Interface communicates with separate component, which could
>       be a module which would respond appropriately yet pull its
>       information from whatever means of access control are in
>       place (native OS, Web-server control lists, passwd files, etc.)
>  
>   3.  Underlying component does its thing, reports back to the
>       interface, and the application is told by the interface whether
>       the user is authorized or not.
------------------
This is nice.


> If interoperability is the goal, then the focus should be specifying
> an _interface_ rather than yet another ACL methodology.
---------------------------
Agreed



> If this sort of direction seems to be of interest, I've written some
> experimental APIs that implement such a concept which could serve
> as a starting point.  I had previously planned to probe for interest
> in discussing this as its own subject but if the momentum is here,
> I am happy to go with it :)
---------------

No reason not to have a look, the API is of primary concern.

-=jack=-

(This text composed by voice)
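
The three-step interface quoted above, as an added example that is not part of this message and is not the experimental APIs mentioned in the thread. All class and function names, the rule format and the sample data are assumptions made for illustration: the application calls only `authorize()`, and the backend behind it can be swapped without the application changing.

```python
import posixpath
from abc import ABC, abstractmethod

class AuthzBackend(ABC):
    """Step 2: the separate component; hides where the rules actually live."""
    @abstractmethod
    def is_allowed(self, user: str, realm: str, action: str, resource: str) -> bool: ...

class AclFileBackend(AuthzBackend):
    """Constructed list format, one rule per line: realm:user:action:path-prefix"""
    def __init__(self, text: str):
        self.rules = [tuple(l.strip().split(":", 3)) for l in text.splitlines()
                      if l.strip() and not l.lstrip().startswith("#")]
    def is_allowed(self, user, realm, action, resource):
        return any(r == realm and u in (user, "*") and a == action
                   and resource.startswith(p) for r, u, a, p in self.rules)

class OwnerBackend(AuthzBackend):
    """Stands in for native OS ownership: the owner may act on their own resource."""
    def __init__(self, owners: dict):
        self.owners = owners
    def is_allowed(self, user, realm, action, resource):
        return self.owners.get(resource) == user

class UnreachableBackend(AuthzBackend):
    """Simulates a policy store that cannot be read."""
    def is_allowed(self, user, realm, action, resource):
        raise OSError("policy store unreachable")

def authorize(backend, user, realm, action, resource) -> bool:
    """Steps 1 and 3: the only call the application makes; it never sees the store."""
    if not user or not resource.startswith("/"):
        return False                         # unauthenticated or malformed: deny
    resource = posixpath.normpath(resource)  # collapse ../ before any prefix match
    try:
        return backend.is_allowed(user, realm, action, resource) is True
    except Exception:
        return False                         # backend failure denies (fail closed)

ACL_TEXT = """# constructed sample rules
dav:alice:PUT:/docs/
dav:*:GET:/docs/
"""
acl = AclFileBackend(ACL_TEXT)
owners = OwnerBackend({"/home/bob/notes.txt": "bob"})
```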



