User authentication to services
Havoc Pennington
hp at redhat.com
Tue Jun 1 08:14:56 PDT 2004
On Tue, 2004-06-01 at 02:14, Rob Taylor wrote:
> I'm interested in implementing a solution. However its not clear to me if this proposed solution solves my problem - I need applications to be able to authorise to a service, not a service to applications. and these applications must not be forced to register as a service as there may be multiple instances. Am i understanding this correctly?
>
Remember that all apps own at least one service, their unique base
service name. (We have to come up with better terminology!)
Each connection to the bus has a unique ID that never gets recycled (is
never used by another connection to the same bus). This is called the
"base service name" at the moment and looks like ":2-5" (the numbers
change).
Then connections can own 0-N additional well-known service names, such
as "com.foobar.MyService" - these well-known names can refer to
different connections at different times, since the owner can disconnect
and another service can connect and take ownership instead.
So in the authentication case you'd want to track the base service name,
if you authenticated com.foobar.MyService you have a race condition
since you don't know that the app currently owning the service is the
same as the app you authenticated. With the base service name, if the
name still exists it's still the same app.
Havoc
More information about the dbus
mailing list