Taras,
On Mon, Oct 24, 2011 at 9:54 AM, Taras <[email protected]> wrote:
> Andres,
>
> Thanks for feedback!
>
> 22.10.2011 15:55, Andres Riancho пишет:
>>
>> Taras,
>>
>> On Wed, Oct 19, 2011 at 5:18 AM, [email protected]<[email protected]>
>> wrote:
>>>
>>> I just has commited generic auth plugin [0].
>>> It can be used in most cases with simple auth form (username/password).
>>> Will be glad to read feedback from you!
>>
>> I think that the auth plugins are going to give lots of power to
>> the advanced users, they look very clean and I hope users will dig the
>> idea. Here are some comments about the code:
>>
>> * "except Exception, e:" , I would recommend doing a more
>> specific error handling if possible.
>
> In common I agree with this point of view. But it is *generic* plugin and we
> don't know in it about such things like "Incorrect password" or something
> like this. So we can only tell to the user that this generic plugin can't
> login? What else information can we say?
Not sure :)
>
>> * o5 = option('auth_url', self.auth_url, d5, 'string') and o6,
>> I think that you can change 'string' with 'url', and you'll get better
>> error handling
>> * "This auth plugin can logging in to generic-passport" , help
>> is too short, I would expand that A LOT in order to explain what the
>> plugin does and how it does it.
>
> Agree with these two things and will fix it.
Great!
>> * Header is missing
>
> What header?
File header with the copyright, GPL, etc.
>> And how is this plugin used? When is login() / is_logged() /
>> logout() called?
>
> Hmmm, I can describe it on our wiki?
That's an option, but I would also like to see this documented
somewhere in the base class.
>>
>>> [0]
>>> https://w3af.svn.sourceforge.net/svnroot/w3af/branches/auth-plugins/plugins/auth/generic.py
>>> [1]
>>> https://w3af.svn.sourceforge.net/svnroot/w3af/branches/auth-plugins/scripts/script-auth_generic.w3af
>>>
>>> --
>>> Taras
>>>
>
>
> --
> Taras
>
--
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning@Cisco Self-Assessment and learn
about Cisco certifications, training, and career opportunities.
http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________
W3af-develop mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/w3af-develop
