[cap-talk] What's an authenticated authentication?
Ludovic Courtès
ludo at gnu.org
Fri Jul 24 06:28:16 EDT 2009
Hi,
"Rob Meijer" <capibara at xs4all.nl> writes:
> On Fri, July 24, 2009 11:02, Ludovic Courtès wrote:
[...]
>> http://acegisecurity.org/acegi-security/apidocs/org/acegisecurity/AuthenticationManager.html
>>
>> Authentication authenticate(Authentication authentication)
>> throws AuthenticationException
>>
>> Attempts to authenticate the passed Authentication object, returning
>> a fully populated Authentication object (including granted
>> authorities) if successful.
[...]
>> So this method literally "establishes the authenticity of a mark that
>> validates the authenticity of something"?
>
> Sounds reasonable, like establishing that a EU passport (that validates
> the authenticity of my identity) is a real and unaltered password. My
> password authenticates my identity belonging to me, but my passport itself
> is also subject to authentication by people and systems checking my
> identity.

Yes, that's right, but just like any other object. Thus, I would rather
expect something like:

  Authentication authenticate (Object object)

AIUI, in Rees' "A Security Kernel..." terms, we'd make it clear which
aspect of the object is to be authenticated, so it could look like:

  boolean is_authentic (object o, class c)

which would be used as:

  is_authentic (my_passport, eu_passport_class)

What do you think?

Thanks,
Ludo'.
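
Added example, not part of the original message: one way to realise the proposed `is_authentic (object o, class c)` check, treating a "class" as an unforgeable brand whose issuing right and verifying right are separate capabilities. All names (makeClass, issue, isAuthentic, verifierFacet) and the passport data are hypothetical and constructed for illustration.

```javascript
'use strict';

// A "class" here is a brand: a private registry of the objects it issued.
// Holding `issue` lets you mint members; holding only `isAuthentic`
// lets you check membership without being able to mint.
function makeClass(name) {
  const members = new WeakSet();               // reachable only via this closure
  function issue(fields) {
    const obj = Object.freeze({ ...fields });  // member cannot be altered later
    members.add(obj);
    return obj;
  }
  function isAuthentic(o) {
    return members.has(o);                     // identity check, not a shape check
  }
  return Object.freeze({ name, issue, isAuthentic });
}

// Hand verifiers a facet that lacks the `issue` capability.
function verifierFacet(c) {
  return Object.freeze({ name: c.name, isAuthentic: c.isAuthentic });
}

// is_authentic (object o, class c) as proposed in the message.
function isAuthentic(o, c) {
  return c.isAuthentic(o);
}

// Constructed sample data.
const euIssuer = makeClass('eu_passport');
const otherIssuer = makeClass('other_passport');
const euPassportClass = verifierFacet(euIssuer);
const otherPassportClass = verifierFacet(otherIssuer);

const myPassport = euIssuer.issue({ holder: 'Alice Example', number: 'X0000000' });
const lookalike = Object.freeze({ holder: 'Alice Example', number: 'X0000000' });
const photocopy = Object.freeze({ ...myPassport });

console.log(isAuthentic(myPassport, euPassportClass));    // genuine member
console.log(isAuthentic(lookalike, euPassportClass));     // same fields, never issued
console.log(isAuthentic(photocopy, euPassportClass));     // copy of a genuine member
console.log(isAuthentic(myPassport, otherPassportClass)); // genuine, wrong class
```

The check answers "was this object issued by this class?" and nothing else, which is the aspect-specific authentication the message asks for; field values play no part in the decision.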