[Authentication] Aliases

Stef Walter stef-list at memberwebs.com
Sat Dec 12 08:13:32 PST 2009


Michael Leupold wrote:
> Am Freitag, 11. Dezember 2009 22:59:04 schrieb Stef Walter:
>> Attached is a patch which I'm proposing to handle stuff like the
>> 'default' collection or the 'network' collection proposed by Guillaume.
>>
>> The collection aliases are present under:
>>
>> /org/freedesktop/secrets/aliases/xxxx
>>
>> So the default and network collections would be usable via the object
>> path, in addition to their normal object paths:
>>
>> /org/freedesktop/secrets/aliases/default
>> /org/freedesktop/secrets/aliases/network
>>
>> To manage the aliases, two new methods are added to the Service
>> interface: ReadAlias() and SetAlias(). BTW, These are not properties on
>> Collection because a collection can be have multiple aliases pointing to
>>  it.
>>
>> This is somewhat implemented in gnome-keyring's dbus-api branch, but
>> only the 'default' alias is implemented for now.
> 
> I'd prefer to handle aliases more in the manner of hardlinks implementing the 
> Collection interface as well. Like that clients could save 1 call per 
> operation getting the aliased collection (alias may change at any time).

I assume you mean symlinks. Either way, yes, that's the case... Unless
I'm misunderstanding you. Please see above, where I noted "in addition
to their normal object paths".

The alias paths would act like a full collection implementing the
Collection interface and have items under them etc...

The ReadAlias() and SetAlias() methods are for more for management
applications to be able to tell what an alias points to. In the symlink
metaphor, these methods equate roughly with the readlink() and symlink()
libc calls.

> If we do it like that we'd have to decide if they signal open/close as well 
> (and I'd say they should).
> 
> What do you think?

My initial inclination is not to have signals be emitted from the aliases.

 * This would significantly complicate service implementations.
 * In addition I think that clients desiring signals are doing
   password management, and should be aware of what an alias
   points to.
 * Two signals would be sent out for one collection or item
   modification that happened. So these would need to be filtered
   out by interested clients.

Does that make sense? Or did I not understand your reasons.

Cheers,

Stef



More information about the Authentication mailing list