Loading ...
Sorry, an error occurred while loading the content.

Authentication

Expand Messages
  • scott@opentrac.org
    I ve got the authentication list mechanism implemented now. I ll probably upload it tomorrow - it needs a new version of the config program to avoid having
    Message 1 of 8 , May 30, 2006
    • 0 Attachment
      I've got the authentication list mechanism implemented now. I'll probably
      upload it tomorrow - it needs a new version of the config program to avoid
      having the list wiped out every time you modify the configuration there.

      The syntax is as follows:

      AUTHLIST prints current list
      AUTHLIST +callsign adds callsign to list
      AUTHLIST -callsign removes callsign from list
      AUTHLIST NONE erases list

      I've been considering implementing two access levels, but at this point I
      don't think it's worth it. There shouldn't be many authorized users, and
      generally you're either going to trust them or not. I can see where it
      might be useful to allow public access to certain things, though. But I
      don't want to get into maintaining an access list for each command...

      I've got a pretty good idea of how I'm going to implement the strong
      authentication format, but I'm still working out the intermediate one. A
      session logon where you only have to authenticate once and can issue
      commands over maybe a 5-minute period would be convenient, but it would
      leave you open to spoofing - someone could wait for you to start a session
      and then inject a command that appeared to come from your station.

      Maybe it's good enough for what it needs to do, though. The truly paranoid
      will still have another option.

      Scott
    Your message has been successfully submitted and would be delivered to recipients shortly.