[Typo3-dev] LDAP System Extensions II

[Daniel Thomas]

Hi Masi

> Daniel Thomas wrote:
>> Hello together,
>> - there is no interest for a new way of handling authentification in 
>> the TYPO3 framework in general
>
> Still hoping to find time for that.
>
> TYPO3 needs a new authentication.
>
> What I think migh be needed is way to handle HTTP authenticatoins like 
> Basic Digest and NTLM. That means the authentication should have some 
> kind of hook for setting the header based on the session state.
>
> BW, the service class makes (or used to make) two calls in the wrong 
> order. It has getUser() and then authUser(). This is wrong!
> First it should try to find and authenticate the user and then it 
> should try to load his/her data.

There are three operations mentioned in your sentence:
- try to find the user
- try to authenticate the user
- try to load his/her data

The authentification system needs to take care of the first two. 
Whether a service wants to load data for a user is up to the service 
and not responsibility of the framework. (Imaging a service 
authenticating a usergroup on the basis of an IP. No Userrecord 
involved at all.)

The getUser() function tries to find the user.
The authUser() function tries to authenticate the user.


>  Think authentication via passwd and details in an external db.
>
> I know that it was done this way because it was convenient in the LDAP 
> case, but it's not correct.

There is no inherent connection whatsoever between the LDAP authservice 
and the service system. René developped the former completely independ.

>
> Masi
> _______________________________________________
> Typo3-dev mailing list
> Typo3-dev at lists.netfielders.de
> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-dev

Regards

Daniel

--/

Daniel Thomas dpool

Hinderink und Thomas Partnerschaft IT-Berater und Projektmanager

Zenettistr. 20 | D-80337 München
t 08945227582 | m 01793918781 | fax 08945227583

http://www.dpool.net | http://www.typergy.com

/--