XML-RPC authentication options for the validation dashboard
paul.larson at linaro.org
Tue Sep 7 16:23:08 BST 2010
Here's my $0.02 (adjusted for inflation):
On Sat, Sep 4, 2010 at 11:32 AM, Zygmunt Krynicki <
zygmunt.krynicki at linaro.org> wrote:
> I think that for our internal use cases a best option would be launchpad
> integration. We don't mind using launchpad, we already have accounts
> there. We could use oauth for authentication. I'm not an expect on oauth
> For a centralized installation this would be pretty good. For ad-hoc
> installations it could be difficult to setup but I'm just guessing here.
> As you mention, for ad-hoc installations, this could be a problem. While
this does have a certain appeal to it, it also looks like it would take
quite a bit more time and effort to implement this, with no compelling need
visible at this point. We can revisit whether that is still the case down
the road, and possibly support it as an option in the future, but for now I
think it better to take a simpler approach.
> Other options are (off the top of my head):
> - - Basic/Digest HTTP authentication. Digest is pretty good (or so
I think this would fit our needs just fine.
> - - Custom authentication via special XML-RPC methods and some
I think we all agree this is not desirable
- - No authentication at all. All XML-RPC interfaces are public and anyone
> may call them. Surprisingly this is not such a bad option. Since all
> request would be anonymous all the users would be allowed to do is
> upload data to public "directories". All other interaction would have to
> be performed via the website or the administration panel.
I can certainly see the logic here, and discounting the possibility of a
nefarious spammer flooding our server with junk, I think it's worth
consideration. My concerns revolve around what it might complicate on the
back end. If we want to go this route, I think the impact needs to be
- With lots of possible submissions, without any kind of identification
attached to them, how do I find my submission in the haystack?
- You mentioned uploading to "directories", which could fix the above
partially, but what prevents someone from uploading to my directory, even by
accident (for instance, if they have a similar name and just happen to
choose the same "path" as me)
- Are results publicly automatically? If not, who has the authority to
approve them? And if you restrict access to this, aren't we back to
providing an authentication mechanism again, but just complicating the
process by which results are posted?
You can see my line of thinking here I hope. I'm not saying it's a bad
option, just that there are some implementation details that span farther
than just the auth stage that need to be clearly defined first, if we want
to go in this direction.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Linaro-dev