[sldev] RFC: design proposal for VWR-1071

Carlo Wood carlo at alinoe.com
Mon Jul 20 03:31:03 PDT 2009


Cypren, ping (see below)?
And how is it going over all?

On Wed, Jul 15, 2009 at 12:19:50PM +0200, Carlo Wood wrote:
> On Tue, Jul 14, 2009 at 06:43:43PM -0700, Cypren Christenson wrote:
> > Melinda:
> > * Clearing the list: I was thinking about adding a new button to the
> > Preferences panel, probably under Network (since there's already a
> > "clear cache" button there) that says "clear login history".
> > ("Clearly" this will require i18n translation; maybe this is a good
> > time to ask how that's usually handled for the project?)
> 
> I am sure many people will uncheck the box saying "remember password"
> in the assumption that it will keep the First/Last name and just
> remove the password. Therefore it should do just that.
> 
> > Thanks again for everyone's comments and criticism. Keep it coming!
> 
> I'm using the same name on multiple grids...
> 
> It is a security problem for me that the viewer only remembers a
> single password and uses it regardless of the grid.
> 
> In order to use this feature (remembering passwords) savely, the
> viewer should first be grid-aware.
> 
> Maybe also add the login-uri in the password database file?
> 
> Ie,
> 
> Carlo|Wood|http://login.example.com:8000|passwd1
> Carlo|Wood|http://login.foobar.com:8002|passwd2
> 
> And then only use a password if the already chosen login uri matches.
> 
> Actually, using LSL serialization, I'd go for storing this
> as a map with the uri as key. Not sure about the exact LSL
> but something like the following would result:
> 
> <map>
> <key>http://login.example.com:8000</key>
>   <map>
>   <key>FirstName</key>
>     <string>Carlo</string>
>   <key>LastName</key>
>     <string>Wood</string>
>   <key>PasswdHash</key>
>     <string>passwd1</string>
>   </map>
> <key>http://login.foobar.com:8002</key>
>   <map>
>   <key>FirstName</key>
>     <string>Carlo</string>
>   <key>LastName</key>
>     <string>Wood</string>
>   <key>PasswdHash</key>
>     <string>passwd2</string>
>   </map>
> </map>

-- 
Carlo Wood <carlo at alinoe.com>


More information about the SLDev mailing list