[TYPO3-dev] Services architecture
Christian Lerrahn (Cerebrum)
christian.lerrahn at cerebrum.com.au
Sun Mar 27 14:59:15 CEST 2011
Hi Helmut,
On Sun, 27 Mar 2011 00:12:31 +0100
Helmut Hummel <helmut.hummel at typo3.org> wrote:
> Hi,
>
> On 26.03.11 16:57, François Suter wrote:
>
> >> If anyone is willing to implement a "rsatransfer" service, which
> >> does not do authentication, but only provides decrypted
> >> crendentials to the service chain, then go on and do it.
> >
> > Before someone invents a new wheel, it would be good to look at
> > extension "caretaker", which does this already AFAIK. I've never
> > looked into the details, but at least you have to exchange keys
> > when you set up the monitoring, so I assume the communication is
> > encrypted, which would make a lot of sense given the nature of the
> > data exchanged.
> >
> > So maybe it's just a question of porting this into the core.
>
> No, this is not what we need. We need RSA encryption in Javascript
> and on the PHP side. So we need what is already there in the
> rsaauthextension, but it needs to be changed, that it does not really
> authenticate, but only decrypts the crendentials. It is a more or
> less minor change to rsaauth, but of course the name would not make
> sense any more after removing the authentication part. So probably it
> will be just renaming rsaauth to rsatransfer and then removing the
> authentication part and handing over the decrypted password to the
> services following in the chain.
I believe the modifications to rsaauth required to make it
"rsatransfer" as you call it would be minor and would be happy to dig
into that. However, there is still the problem that currently the
transferred credentials are passed to the authentication services by
value and can therefore not be returned to the chain without a
(minimal) core change. Or did you have a different mechanism in mind?
Cheers,
Christian
More information about the TYPO3-dev
mailing list