Re: AS: to Keychain or NOT (opinions please)
- Subject: Re: AS: to Keychain or NOT (opinions please)
- From: email@hidden (Ken McLeod)
- Date: Thu, 25 Oct 2001 16:24:42 -0700
- Newsgroups: apple.lists.applescript-users
- Organization: Apple Computer, Inc.
- Xref: forum.apple.com apple.lists.applescript-users:13815
In article <email@hidden>,
Jon Pugh <email@hidden> wrote:
> At 10:12 AM -0400 10/24/2001, Xandra Lee wrote:
> >Does using Keychain complicate AppleScripting (or general Mac use for
> >that matter)
>
> Using the keychain is a good thing. It keeps plain text passwords
> out of your script and in a protected location. It allows other
> people to use their own login name and password without editing the
> script (just when running it initially).

You don't even need to store the login name in the script. Here's an
example of using Keychain Scripting in conjunction with the "mount volume"
command:
----------
set foundPW to ""
set iDiskServer to "idisk.mac.com"
tell application "Keychain Scripting"
    try
        -- find the first matching item in the current keychain.
        -- to search all available keychains, use "every" instead of "current"
        set foundItem to first AppleShare key of current keychain whose server is iDiskServer
        set foundAccount to (account of foundItem)
        -- get the password (may require user confirmation dialog)
        set foundPW to (password of foundItem)
    on error message
        display dialog "Unable to get password for iDisk. " & message buttons "OK" default button 1
    end try
    quit
end tell
if foundPW is not "" then
    -- mount the volume
    set iDiskURL to "afp://" & foundAccount & ":" & foundPW & "@" & iDiskServer & "/" & foundAccount
    with timeout of 10 seconds
        mount volume iDiskURL
    end timeout
end if
----------
> Of course, trying to do this on X is another issue. Classic or not?

Keychain Scripting is not yet available on OS X as of 10.1 (it's there in
Classic, obviously, but that will only look in your Classic keychain;
there is no integration with the X keychain.) The reason for this has to
do with the keychain's security model on OS X. Individual processes can be
trusted to access a keychain, but there isn't currently a way to delegate
that trust, or a portion of it. Keychain Scripting needs to be able to act
only as a proxy for a trusted process (the one in which your script is
executing) without allowing a malicious script the same level of access to
the keychain.
-ken