[ANN] Monticello (and OmniBrowser) support site
Avi Bryant
avi at beta4.com
Wed Apr 28 01:13:26 UTC 2004
On Apr 27, 2004, at 5:57 PM, Andreas Raab wrote:
> Hm... have you thought about tapping into SqP for authorization?! I
> have no
> idea how much would be required on either end, e.g., how hard it would
> be to
> extend SmallWiki to support authorization from SqP and how hard it
> would be
> for SqP to provide appropriate authorization services but I had thought
> about setting up a site lately and I most definitely will not open it
> it for
> anonymous access. Some trust based scheme such as SqP seems *just*
> right for
> such a support site but at this point I don't see how one could set it
> up.
> Any ideas?
Assuming that the user trusts the support site, it's not a problem.
http://people.squeakfoundation.org/xmlrpc.html shows two relevant
XML-RPC calls:
string cookie = authenticate(string user, string pass)
string level = cert.get(string user)
So, given a user and pass, you can ask SqP a) whether they are valid,
and b) what level the user is. The problem is that the user has to
give their SqP password to the support site for this to work, which is
fine on a small scale (I trust Colin not to record it and try to
impersonate me) but I don't want people to get too comfortable with
doing that in general.
Avi
More information about the Squeak-dev
mailing list
|