No, you only given trust level 5 to those user ids that you want to have
trust level 5. You can only authenticate a user id if you know the
password (its credentials).
Also, note that to perform user authentication across systems, the
authenticator must be registered as the same name on all machines where
you want to use user trust authentication.
--------------------------------------------------------------
Sharon Lucas
IBM Austin, luc...@us.ibm.com
(512) 286-7313 or Tieline 363-7313
agou <a...@talktalk.net>
01/21/2009 12:47 PM
To
Sharon Lucas/Austin/i...@ibmus
cc
staf <staf-users@lists.sourceforge.net>
Subject
Re: [staf-users] Trust?
But doesn't that mean that the user is validated is only validated
locally, then? So a malicious user could validate a user on his own
machine and gain level 5 trust on any other machine?
/jan
Sharon Lucas wrote:
> In regards to user level trust, you are right that submitting a CREATE
> HANDLE NAME request to the HANDLE service requires trust level 5.
However,
> there's an important note in the STAF User's Guide, section "8.5.2
> CREATE", sub-section "Security", that says:
> Note: This command is only valid if submitted to the local machine, not
to
> remote machines.
>
> So, since you can only create a STAF handle on your local machine (e.g.
> STAF local HANDLE CREATE HANDLE NAME ...), and since the local machine
> always has trust level 5 to itself, this isn't an issue. Then you can
use
> this handle to submit STAF service requests (like a PROCESS START
request)
> to other machines.
>
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
staf-users mailing list
staf-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/staf-users
