[Zope3-dev] Re: RFC: Unification of requests and security contexts through Use

Tres Seaver tseaver at zope.com
Tue Jan 20 10:41:29 EST 2004 

Chris McDonough wrote:

> The one piece I think I "get" is that a "use" might be modeled as a
> connection, thus the security context for the duration of the connection
> doesn't necessarily need to change, although there might be multiple
> requests over that connection.
> 
> That said, for the most common connection-oriented protocols that
> encapsulate multiple requests (eg. keepalive HTTP), you'll probably need
> to reauth after every request over that connection anyway as new
> credentials can always be presented with each new request.  As a result,
> I'm having difficulty visualizing a system under which this might be
> useful.  Even if the credentials are presented ahead of time and it
> wasnt a multirequest protocol, the entire connection could be modeled as
> a single (long) request, couldn't it?

Two prominent counterexamples:

   - FTP is connection oriented;  Zope2 "fakes" request-based security
     for it.

   - HTTPS with certificate auth has a single long-running connection,
     whose credentials are established as part of setting up the
     socket over SSL, and *cannot* be changed on a per-request basis.

The other case which shows up frequently in Zope 2 is the "executable 
owner" check:  the effective roles for a bit of untrusted code are the 
intersection of the roles of two principals, the "authenticated user" 
for the request and the "executable owner".

>>In a way, they are all the same thing. The proposal describes taking 
>>various parts of the presentation and security systems, and putting them 
>>together in a box called "a use". The "use" acts as a security context, 
>>and contains principals and requests.
> 
> 
> Would it be fair to say that a use is an object with an interface that
> contains, in its simplest form, a single principal object and a single
> request object?  And that the use has no responsibilities other than to
> contain these two objects, and to allow the addition of additional
> principals (for whatever reason) to itself?

Tres.
-- 
===============================================================
Tres Seaver                                tseaver at zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com

More information about the Zope3-dev mailing list