Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[higgins-dev] whoami (was [IdAS] Context open/close semantics)
>>> Greg Byrd <gbyrd@xxxxxxxx> 8/10/06 8:59 AM >>>
<snip>
>I'm not yet in favor of the whoami call.  I guess I'm worried about
>someone random querying a Context and getting my identity object, which
>might contain private credentials. 
<snip>
 
If there were a way for someone to randomly query a Context and gain access to your private credentials via a whoami method, then there is a serious security problem regardless of that method.  If I (Jim) can somehow obtain a Context that you (Greg) originally opened with your credentials, then I am now essentially you. I can read and update anything you have privileges to. For some CP's this includes your credentials (even without a whoami method).
 
Applications need to be written in such a way as to not share authenticated Contexts among non-trusted parties.

Back to the top