Commit e2eee955 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

update docstring comment.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@43850 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent ecee4390
......@@ -157,13 +157,11 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
<ERP5_Root>/web_page_module/1?__ac_key=207221200213146153166
where value of __ac_key contains (encrypted):
- proxied (i.e. granting user) username
- PAS plugin encryption key
XXX: improve encrypt & decrypt part to use PAS encryption_key with a true
python encryption library (reuse of public / private key architecture)!
where value of __ac_key contains an encrypted reference of a user
TODO: We should use a real PKI (Public Key Infrastructure) so that we
can revoke a part of already provided keys without changing the
encryption key or a user's reference.
"""
meta_type = "ERP5 Key Authentication"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment