[pmwiki-users] Rethinking passwords and authorization

Kathryn Andersen kat_lists at katspace.homelinux.org
Mon Oct 9 20:16:32 CDT 2006 

On Mon, Oct 09, 2006 at 04:29:33PM -0500, Patrick R. Michaud wrote:
> The above looks clean, but we start to run into difficulty
> when people expect to be able to mix the syntax at will:
> 
>     id:alice,bob, at authors quick

I think it would be simpler to just insist that it not be mixed like
that; make the above

        id:alice,id:bob, at authors,quick
 
> This gets very difficult for PmWiki to parse.  It will get worse
> when we try to allow userids with spaces in them:
> 
>     id:"Alice Adams", at authors,"Bob Barker" "multi word password"

id:"Alice Adams", at authors,id:"Bob Barker","multi word password"
 
> or when we try to revoke access:
> 
>     @authors id:"Alice Adams",-carol,"Bob Barker"
      
      @authors,id:"Alice Adams",-id:carol,id:"Bob Barker"
 
But you would have to insist that passwords and names couldn't have a
comma or quote in them.

Another thing, I do like the idea of making all these different forms
more uniform with

        auth_type:authorization

as has already been suggested.
Would that also make it easier to parse?

    group:authors,id:"Alice Adams",-id:carol,password:"multi word password"

Would it be easier to put the quotes around the whole phrase, like

      group:authors,"id:Alice Adams"

Or maybe if you just forbid commas, you could just split on commas, like
this:

    group:authors,id:Alice Adams,-id:carol,password:multi word password

Since you would know that ,id:Alice Adams, would be the ID, and
        ,password:multi word password

would be a password -- you wouldn't need to worry about confusing the
above and thinking that "Adams" was a password, since passwords would be
explicitly marked just as ids and groups are.

Of course the problem with that would be breaking the old way, you
couldn't go 

        $DefaultPasswords['admin'] = crypt('secret');

anymore, but presumably you could do

        $DefaultPasswords['admin'] = 'password:' . crypt('secret');

instead.

Kathryn Andersen
-- 
 _--_|\     | Kathryn Andersen	<http://www.katspace.com>
/      \    | 
\_.--.*/    | GenFicCrit mailing list <http://www.katspace.com/gen_fic_crit/>
      v     | 
------------| Melbourne -> Victoria -> Australia -> Southern Hemisphere
Maranatha!  |	-> Earth -> Sol -> Milky Way Galaxy -> Universe

More information about the pmwiki-users mailing list