[RFC] Credential agent interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All,

The credential agent interface doc in the repository is a place holder I
have been thinking about what the credential agent interface should be
and would like to know what other think about the semantics and usage
model of the interface should be.

The reason for the agent API is to give the WiMax daemon a way to
collect login credentials from the user (username, password).

The simple case is the agent object would throw up a dialog for the user
to enter the required information.  This is kind of clunky and would
become really annoying in the case where you lose connection and are
trying to automatically trying to connect.

It would be nice to support auto-reconnect with out user intervention.
The agent could cache the credentials but now we have the credentials
laying around one method call away from anyone that wants them good guy
or bad. 

One solution I thought of that would help is to change the
RegisterCredentialAgent() method in the adapter object to take an
additional context argument to be passed back to the credential agent
that is set by the connection/network manager.

So the flow would look something like this:
org.wimax1.Agent.SetCredentials({ "Username": "dcbw", 
                                  "Password": "foobar",
                                   <context_value>)
org.wimax1.Adapter.RegisterCredentialAgent("/something/I/make/up", 0xDEADBABE)
org.wimax1.Network.Connect()

The callback from the WiMax daemon would be
 org.wimax1.Agent.GetCredentials( in uint32 context,
                                  out string username,
                                  out string password);

If the context value does not match the value passed to org.wimax1.Agent.SetCredentials()
the method returns an error and possibly nukes the credentials to prevent a brute force attack
looking for correct context value.

Any comments gratefully accepted

--Dirk


[Index of Archives]     [Linux Kernel]     [Linux Wireless]     [Linux Bluetooth]     [Linux Netdev]     [Linux Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux