IntenseFinance/gnucash
3
0
Fork 0
mirror of https://github.com/Gnucash/gnucash.git synced 2025-02-25 18:55:30 -06:00
Code Issues Packages Projects Releases Wiki Activity

outline of how a netowrk login might work

Browse Source 
git-svn-id: svn+ssh://svn.gnucash.org/repo/gnucash/trunk@3436 57a11ea4-9604-0410-9ed3-97b8803252fd
This commit is contained in:
Linas Vepstas
2001-01-11 07:23:31 +00:00
parent b85acbee65
commit 3c0808f7d0
1 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/doc/netlogin.txt Normal file
View File

@@ -0,0 +1,26 @@
GnuCash Network Login
---------------------
A quick sketch of how network login works when using the xml-web backend
for communicating with a gnucash server.
1) User enters in a URL Location via GUI dialogue. Location is assumed
to be plain html, and is displayed with gnc_html_show_url()
in its own window.
2) The displayed page is presumably some kind of login page. It is not
gnucash specific, and is entirely up to the webmaster or sysadmin
to provide, modify, etc. the login & authentication information.
The user types in name, passord, whatever.
3) The authentication mechanism issues a guid which will be used
to identify the session. The guid is placed in a cookie labelled
"gnc-server-sesion-guid=xxxxxxxxxxxxxxxxxxxxx"
Because a cookie can be snoopedand then used to steal a session,
the only secure way of doing this is to use SSL.
4) The cookie is used to identify the session to the gnc-server.