Authentication Pattern

thepriz Sep 15, 2004 4:55 PM

I noticed that the Authentication Pattern is only 3 sections "sec1:sec2:sec3" in postnuke this pattern was in two parts and allowed 6 sections "sec1:sec2:sec3", "sec4:sec:5:sec6".

My question is are we only allowed 3 sec in the pattern or can the single pattern be "sec1:sec2:sec3:sec4:sec:5:sec6"?

The second question is there an accepted pattern for this like:

module:datatype:dataId

1. Re: Authentication Pattern

julien1 Sep 15, 2004 5:00 PM (in response to thepriz)

there was 2 sections in PN because security rules are globally set that means you need one :: to locate the component and one :: for security testing.

in Nukes since rules are defined per component you don't need to locate it and only one :: is required
Actions
2. Re: Authentication Pattern

thepriz Sep 15, 2004 6:19 PM (in response to thepriz)

Ok, I can understand that. so we only have one :: because rules are local to the module. so we really don't need to prefix the rule with the module name as in

module:datatype:typeId

it could be:

datatype:typeId:subtypeId or basicly any pattern we want.
Actions
3. Re: Authentication Pattern

julien1 Sep 15, 2004 6:50 PM (in response to thepriz)
yes it's up to the module to handle security how it wants.

in nukes 2 that will be done with any number of : and the check will be made against a String[].

getSecLevel(new String[]{post.getId().toString(),"blah"});
Actions

Go to original post