[dev] horde auth - password

Chuck Hagenbuch chuck@horde.org
Thu, 31 May 2001 13:50:11 -0400

Previous message: [dev] horde auth - password
Next message: [dev] horde auth - password
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quoting Jan Schneider <janmailing@gmx.de>:

> perhaps it makes sense to build some sort of password container for horde. If 
> a user authenticates against horde with horde's configured auth mechanism
> (imap, ftp, mcal whatever) every horde app can get the necessary password from
> this container.
> 
> You then only have to authenticate once and can use gollem, imp, a forward or 
> a password change module without authenticating again.

My idea has been to build a Credentials class which encapsulates the idea of an 
account - able to hold whatever information you need, username, password, 
server, etc. - and then to store them somewhere. You'd unlock them with a 
passphrase, using a mechanism similar to the Secret:: class, so they could be 
encrypted in storage.

That way you'd authenticate, and at some point enter your passphrase, and all 
of your account info would be available when needed.

I'd rather not store passwords in Horde sessions.

-chuck

--
Charles Hagenbuch, <chuck@horde.org>
Black and white and grey, all the shades of truth.

Previous message: [dev] horde auth - password
Next message: [dev] horde auth - password
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]