Changeset 5431

Timestamp:
13 Aug 2010, 08:47:05 (14 years ago)
Author:
uli
Message:

Experimental code for authenticating Applicants.

Instead of checking the credentials of applicants by resubmitting a
JAMB no and registration number via form on every request, we can also
try to authenticate applicants properly as such deploying the
pluggable authentication utility. That's what we try here.

This stuff is quite complex and needs to be done slowly and step by
step. Right now we have an authenticator plugin that accepts any
username/password combination (if the authenticator plugin is enabled,
which can be done via the Z3-UI).

Next goal is to implement an additional CredentialsPlugin? that
extracts applicant form fields from a request and delivers them as
'the credentials' to the local authentication utility and the
authenticator plugins.

Authenticating applicants properly means that every applicant can be
identified in logs and we have a single properly defined place to care
for permissions.

The drawback is, that infos about logged-in applicants are stored in a
session container, which by default is held in RAM. If thousands of
users try to register simultanously, this might be overkill so that we
might have to rethink about a specialized session container for this
kind of data.

File:
1 added

Note: See TracChangeset for help on using the changeset viewer.