[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[leafnode-list] Re: authentication questions



On Tue-2009/02/17-22:07 I wrote:

> group_auth {
>    {command_any, user_hi_priv, groups_hi_priv},
>    {command_any, user_low_priv, groups_low_priv}
> }

This feature I would consider finished now.  I tested it with my
newsreader (tin 1.9.4).  It doesn't let me do any spectacular things,
just listing groups by wildcards, subscribing, reading and all that.
Other testing was done using nc(1) (netconnect, simple telnet).  Users
not explicitely allowed to access some groups don't get to see them.

On the Lua side there's a sample implementation of this feature called
"script-groupauth.lua", which will eventually appear in the
distribution.

There may still be subtle corners of usage patterns and clients causing
unexpected behaviour, but they should be easy to find and fix.  All the
problems I encountered were misconfigurations, but script-groupauth.lua
contains support for interactive standalone debugging.  Not very much of
that, but it is possible to edit the configuration table, run the same
commands by it that leafnode(8) would issue and see the outcome of
applying the current rule set.


clemens

-- 
_______________________________________________
leafnode-list mailing list
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
https://www.dt.e-technik.uni-dortmund.de/mailman/listinfo/leafnode-list
http://leafnode.sourceforge.net/