Ian Piper wrote:

OK, perhaps I need to rethink how this works. Given that the underlying purpose is to authenticate the user to allow access to an encrypted database, would it make more sense for me to use the user's Mac OS X account credentials? Is there a way (I hesitate to use the phrase "best practice" again) for my program to authenticate the user that way?


It depends on what you mean by the user's account credentials, and how they fit with your database access controls.

It seems like Keychain Services may be appropriate. It depends on exactly how your DB access-control works. If it's password-based or encryption-key based, then your app can store and retrieve a specific keychain item (password or key). Initially, if your item doesn't exist in the keychain, your app can prompt the user with a simple dialog. After that, Keychain Services should take over the management and access-enforcement of the item itself. Your app simply tries to read the item from the keychain, and either succeeds (so proceeds with database connection) or fails (so does something appropriate for that failure reason).

http://developer.apple.com/Mac/library/documentation/Security/Conceptual/keychainServConcepts/02concepts/concepts.html

There's also this framework, wrapping the basic C functions in Obj-C:

http://sourceforge.net/projects/keychain/

There may be other frameworks or libs. I used Google keywords: mac os keychain objective-c

There's also a list dedicated to security questions:

http://lists.apple.com/mailman/listinfo/apple-cdsa

If Keychain Services isn't suitable, you'll have to be more specific about what the access-controls are, what "authentication" means, etc.

  -- GG
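
The read-or-prompt flow described in the reply above, as an added example that is not part of the original post or of any framework it links to. It uses the classic SecKeychain C calls from Keychain Services (since deprecated by Apple in favor of the SecItem API); the service and account names and the hard-coded sample secret are hypothetical stand-ins for the app's own identifiers and password dialog.

```objective-c
// Added example. Build on macOS with:
//   clang -framework Foundation -framework Security dbkey.m -o dbkey
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#include <string.h>

// Hypothetical identifiers for this app's keychain item.
static const char *kService = "com.example.MyApp.database";
static const char *kAccount = "db-key";

// Returns the stored secret, or nil with *status set to the failure reason.
static NSData *CopyDatabaseSecret(OSStatus *status) {
    UInt32 length = 0;
    void *bytes = NULL;
    *status = SecKeychainFindGenericPassword(NULL,
        (UInt32)strlen(kService), kService,
        (UInt32)strlen(kAccount), kAccount,
        &length, &bytes, NULL);
    if (*status != errSecSuccess) return nil;
    NSData *secret = [NSData dataWithBytes:bytes length:length];
    SecKeychainItemFreeContent(NULL, bytes);  // release the keychain's buffer
    return secret;
}

// First run: store the secret collected from the user's dialog.
static OSStatus StoreDatabaseSecret(NSData *secret) {
    return SecKeychainAddGenericPassword(NULL,
        (UInt32)strlen(kService), kService,
        (UInt32)strlen(kAccount), kAccount,
        (UInt32)[secret length], [secret bytes], NULL);
}

int main(void) {
    @autoreleasepool {
        OSStatus status;
        NSData *secret = CopyDatabaseSecret(&status);
        if (secret) {
            NSLog(@"Got %lu-byte secret; open the database with it.",
                  (unsigned long)[secret length]);
        } else if (status == errSecItemNotFound) {
            // Constructed sample value standing in for the app's password dialog.
            NSData *entered = [@"constructed-sample-secret" dataUsingEncoding:NSUTF8StringEncoding];
            status = StoreDatabaseSecret(entered);
            NSLog(@"No item yet; stored new secret (status %d).", (int)status);
        } else if (status == errSecUserCanceled || status == errSecAuthFailed) {
            NSLog(@"Keychain access denied (status %d); leave the database locked.", (int)status);
        } else {
            NSLog(@"Keychain error %d.", (int)status);
        }
    }
    return 0;
}
```

The denied branch is the point of delegating to the keychain: the app never sees the user's login credentials, only whether Keychain Services released the item.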

_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
