horde auth and perm questions
Paul Wolstenholme
wolstena at sfu.ca
Mon Oct 22 12:57:45 PDT 2001
Hi,
I've been thinking for some time that I would like to try the horde
1.3.4 framework but I have a couple of questions that would help me
along quite a bit. One of the things that attracks me to horde is that
it appears that the developement team is trying to tie in as much as
possible to PEAR. Which I think is a great. I've also been impressed by
how quickly security issues are resolved.
Some questions:
1. It appears that hored 1.3 will work with register_globals off. Is
this true?
2. I use the preauth in phplib to allow for institutional subscribers to
a website to access the site based on client ip/domain. If the preauth
method fails, the users goes through the the normail authentication
process. Has this been done or could be done by extending the existing
framework.
3. Another feature I have taken advantage of with phplib is default_auth
(when a user accesses page for the first time a default authentication
object is created). Basically, I have used this in situation where a
portion of script is executed depending on the user has a particular
bundle of rights but do not want to force everyone to login or register.
If a user would like to access the restricted components, they can
login.
4. The perms seem to be based on location that does not have any
dependencies on an particular object. The project I'm working on has a
document model that I would like to tie in with a process model, and
security model. Designing the security model has turned out to be
tougher than I thought.
Access would depend on ownership, roles/rights assigned to a user, and
where the document is in the publishing process. For example, a newly
submitted article would have read access by the owner and editor. Once
the review process is complete, the article is also readable by
subscribers. Once a certain time frame has expired, the article is
accessible to everyone.
The process model would also have to include CRUD attributes as well.
Not just read rights.
Is it possible to do the above with the horde perms class? Is there any
disire to provide this type of functionality for any other horde
projects?
Cheers,
Paul
--
________________________________________________________________
Paul Wolstenholme
SMA Webware
http://www.zzube.com/
What do you know?
http://make.zzube.com/
Vancouver, BC Canada
More information about the horde
mailing list