Well, there isn't a libworkmagically yet ... I did think of rsync. Maybe I'll dig further into it. Correct me if I'm wrong but I don't see an easy way to handle the authentication-data per application thing. It'd have to be a pretty clever directory structure which would be hard to maintain. On top of that if two apps use the same data it'd propably have to be stored redundantly somewhere on the server-side to keep the data-to- sync on a per-application basis (what a wicked sentence).
My idea of a nice way to do this would be to use a webservice. 1. Client requests authentication data using its public key. 2. Server checks pubkey against stored pubkey in its database (simple authentication). 3. Server uses public key to encrypt the authentication data and sends back XML-Response. 4. Client can decrypt the data using its private key and continue. Server uses a Database with a (neat) user interface. Any comments would be appreciated... regards konqi On 6 Apr., 20:33, Theo Van Dinter <[email protected]> wrote: > Unfortunately, libworkmagically doesn't exist. :) > > To do something similar at work, I built a system that stores service > authentication information in simple config files w/ appropriate file > permissions for different users/groups. There's a central area for me > to update the authentication for all users, and the changes are pushed > out to machines automatically via rsync. Then, when different groups > want to run a script that needs certain authentication information, > the script tries to read the appropriate service config file, and > either it succeeds and off it goes, or the user is given a permission > denied error. > > In the end, you will have to have this information available > somewhere, either hard-coded into the application/script, or in a > config file, or by including a file/module, or a database, or ... > > On Mon, Apr 6, 2009 at 2:56 AM, konqi <[email protected]> wrote: > > there are multiple logins for different customers and applications. > > I could write the data into a database. But i would have to make sure, > > that applications can only retrieve the data they are allowed to. > > I don't want application A for customer B be able to mess with the > > data of customer C. > > Using a simple database would also require authentication for the > > database. Where do i get the auth-data for the database from? > > This would just change the point where i have to authenticate - but it > > don't want to have applications authenticate anywhere to get the > > necceccary data. > > The required information should *magically* be available for use, for > > example by distributing the data beforehand. > > Also a database query to a remote server could become a problem since > > the db-server would have to be open for all kinds of requests. > > Though that problem could be solved using a virtual private network. > > > What I basically want is the application to know all required login > > information without ever having to authenticate anywhere. > > I'm not sure a solution to this problem exists (yet) since i haven't > > found anything despite excessive google use. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
