[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [dsdp-tm-dev] Password persistence extension point
|
Kushal --
A couple of things
1) are there really cases even on an i5 where passwords are still case
insensitive? This seems unlikely. Passwords are stored in encrypted form
and there is no way to recover an encrypted password, one can only
challenge it by encrypting the proposed password. Thus saying they're case
insensitive is not really correct. They might be "case folded", but I'm not
sure there is anywhere that might actually be happening. Can you check with
Don?
2) Likewise, when we say user ids may be "case insensitive" we really mean
"fold to uppercase", right? Its not just a compare thing, but an actual
storage thing.
3) (ok, one more than a couple) It seems to me that the correct
determination of this property is really between the connector service and
the system type, not the subsystem configuration and system type. Several
subsystems may share a connector service which is responsible for
authentication and initiating the connection for all those subsystems.
_______________________
David Dykstal
david_dykstal@xxxxxxxxxx
Kushal Munir
<kmunir@xxxxxxxxx
m> To
Sent by: Target Management developer
dsdp-tm-dev-bounc discussions
es@xxxxxxxxxxx <dsdp-tm-dev@xxxxxxxxxxx>
cc
Target Management developer
08/25/2006 02:55 discussions
PM <dsdp-tm-dev@xxxxxxxxxxx>,
dsdp-tm-dev-bounces@xxxxxxxxxxx
Subject
Please respond to Re: [dsdp-tm-dev] Password
Target Management persistence extension point
developer
discussions
<dsdp-tm-dev@ecli
pse.org>
Dave,
You're quite right, it's the userID in this case. There are systems such as
the i5 that have case-insensitive userID and passwords. The property name
will be "userIDCaseSensitive". The extension point needs the case
sensitivity of the userID because it uses the userID as part of the key
when storing the information.
I think in general, whether userIDs and passwords are case sensitive or not
should be queried from a combination of the system type and subsystem
configurations. What we have currently is only useful if the subsystems are
using the case sensitivity of the system, which doesn't necessarily have to
be the case. One could, for example, have a database set up on a system
that is case sensitive for both userID and password, although the system
isn't. Another problem with the password persistence mechanism is that a
user could be using the same userID for multiple subsystems of the same
system type but have different passwords for the subsystems. The design
does not allow users to save both passwords.
Thanks for pointing out the error.
Kushal Munir
Websphere Development Studio Client for iSeries
IBM Toronto Lab, 8200 Warden Ave., Markham, ON
Phone: (905) 413-3118 Tie-Line: 969-3118
Email: kmunir@xxxxxxxxxx
David Dykstal
<david_dykstal@us
.ibm.com> To
Sent by: Target Management developer
dsdp-tm-dev-bounc discussions
es@xxxxxxxxxxx <dsdp-tm-dev@xxxxxxxxxxx>
cc
dsdp-tm-dev@xxxxxxxxxxx,
08/25/2006 02:42 dsdp-tm-dev-bounces@xxxxxxxxxxx
PM Subject
Re: [dsdp-tm-dev] Password
persistence extension point
Please respond to
Target Management
developer
discussions
<dsdp-tm-dev@ecli
pse.org>
Kushal --
Are we really talking about passwords here or userids? These days, what
systems are case insensitive for passwords?
_______________________
David Dykstal
david_dykstal@xxxxxxxxxx
Kushal Munir
<kmunir@xxxxxxxxx
m> To
Sent by: dsdp-tm-dev@xxxxxxxxxxx
dsdp-tm-dev-bounc cc
es@xxxxxxxxxxx
Subject
[dsdp-tm-dev] Password persistence
08/25/2006 01:18 extension point
PM
Please respond to
Target Management
developer
discussions
<dsdp-tm-dev@ecli
pse.org>
Hi folks,
I've had a discussion with the developer here regarding the password
persistence extension point. It has been deemed to be unnecessary and can
be consolidated with the systemsTypes extension point. The extension point
is used to allow password management for that system type through the RSE
Passwords preference page. It only allows one attribute to specify whether
passwords for the system type are case sensitive or not. There is no need
for it to be a separate extension point.
My proposal is to add two new optional boolean properties to the <property>
markup for the org.eclipse.rse.ui.systemTypes extension point. These are
"passwordManagement" to specify whether passwords for the system type can
be managed and "passwordCaseSensitive" to indicate whether passwords for
the system type are case sensitive or not. Both will default to true for
the system type if the property does not exist.
This ensures equivalent function with what we currently have. An example is
given below:
<extension point="org.eclipse.rse.ui.systemTypes">
<systemType id="com.acme.systemtype.Example" name="Example"
<property name="passwordManagement" value="true"/>
<property name="passwordCaseSensitive" value="false"/>
</systemType>
</extension>
Please vote on this proposal.
Thanks!
Kushal Munir
Websphere Development Studio Client for iSeries
IBM Toronto Lab, 8200 Warden Ave., Markham, ON
Phone: (905) 413-3118 Tie-Line: 969-3118
Email: kmunir@xxxxxxxxxx
_______________________________________________
dsdp-tm-dev mailing list
dsdp-tm-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dsdp-tm-dev
_______________________________________________
dsdp-tm-dev mailing list
dsdp-tm-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dsdp-tm-dev
_______________________________________________
dsdp-tm-dev mailing list
dsdp-tm-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dsdp-tm-dev