Re: [stellation-res] why doesn't stellationd require a "password" argume

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [stellation-res] why doesn't stellationd require a "password" argument?

From: florin@xxxxxxxxx (Florin Iucha)
Date: Mon, 22 Jul 2002 08:32:02 -0500
Delivered-to: stellation-res@xxxxxxxxxxxxxxx
List-archive: <http://dev.eclipse.org/pipermail/stellation-res/>
List-help: <mailto:stellation-res-request@dev.eclipse.org?subject=help>
List-subscribe: <http://dev.eclipse.org/mailman/listinfo/stellation-res>, <mailto:stellation-res-request@dev.eclipse.org?subject=subscribe>
List-unsubscribe: <http://dev.eclipse.org/mailman/listinfo/stellation-res>, <mailto:stellation-res-request@dev.eclipse.org?subject=unsubscribe>
User-agent: Mutt/1.3.28i

On Mon, Jul 22, 2002 at 09:19:41AM -0400, Mark C. Chu-Carroll wrote:
> We already have a pretty decent authentication framework. I'd be
> willing to support changes to the auth layer if they had a real
> benefit. But I'm not willing to switch just for the sake of switching.
> 
> Our current authentication system supports pluggable authentication
> modules, challenge authentications, etc. It's really pretty decent.
> 
> The main weakness of it, at the moment, is that we're not doing anything
> clever to protect user passwords in the database - so protecting the
> security of the database becomes important, and we're not doing a
> great job of that yet. But that's not a huge deal to fix: the database
> should be run in a protected mode, so that you need a password
> to establish a database connection; the the password storage
> should be changed to not use plaintext; and the encryption key
> to decode the stored passwords should only be accessible
> using an administators key. None of these are hard to do.
> 
> Switching to JAAS might make sense, because it's a standard
> mechanism.

The benefits being that there might be more people understanding it
and we get somebody else to review and maintain it for free.

>            If it could be done without adding a huge amount
> of complexity to the system, I'd like to see it happen.

As I see it now it will remove more code than it adds.

For a small setup, sending passwords around is OK. If they want more
security than that, they can set up kerberos and use its ticket-granting
capabilities.

>                                                         On the
> other hand, adding another non-standard dependency to the system 
> for an auth layer is something that we'd need to carefully consider:
> what benefits does Turbine have over what we're using? If they're
> significant, and much easier than JAAS, then great. If not, then
> then I'd rather not.

florin

-- 

"If it's not broken, let's fix it till it is."

41A9 2BDE 8E11 F1C5 87A6  03EE 34B3 E075 3B90 DFE4

Attachment: pgpcogi3iE1Mh.pgp
Description: PGP signature

Follow-Ups:
- Re: [stellation-res] why doesn't stellationd require a "password" argument?
  - From: Mark C. Chu-Carroll

References:
- Re: [stellation-res] why doesn't stellationd require a "password" argument?
  - From: Ringo De Smet
- Re: [stellation-res] why doesn't stellationd require a "password" argument?
  - From: Jason Rimmer
- Re: [stellation-res] why doesn't stellationd require a "password" argument?
  - From: Mark C. Chu-Carroll

Prev by Date: Re: [stellation-res] Unit testing?
Next by Date: [stellation-res] checkin core revision main@@7, misc workspace changes
Previous by thread: Re: [stellation-res] why doesn't stellationd require a "password" argument?
Next by thread: Re: [stellation-res] why doesn't stellationd require a "password" argument?
Index(es):
- Date
- Thread

Breadcrumbs