[TYPO3-dev] Services architecture
Dmitry Dulepov
dmitry.dulepov at gmail.com
Mon Mar 28 13:56:20 CEST 2011
Hi!
Marcus Krause wrote:
> Well, the new service should be called rsatransfer and the only purpose
> would be to provide RSA encrypted transfer of data.
>
> It should not only work for credentials inserted into login form but
> should also take care of arbitrary data in general.
Each service has its own service class. Rsaauth is of "authentication"
class. It has to be if it can be used in authentication of users.
I am against using *authentication* services for something else. It is just
wrong because it goes away from the *authentication* service's purpose. It
is better to create a general lib for encrypted transfer, which rsaauth
could use. But rsaauth as is should stay a clean authentication service.
There is no need to put foreign functionality into the *authentication*
service.
--
Dmitry Dulepov
TYPO3 core&security team member
E-mail: dmitry.dulepov at typo3.org
Web: http://dmitry-dulepov.com/
More information about the TYPO3-dev
mailing list