• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How to create an auth model similar to the networking prefs?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to create an auth model similar to the networking prefs?

  • Subject: Re: How to create an auth model similar to the networking prefs?
  • From: Quinn <email@hidden>
  • Date: Wed, 23 Jan 2008 12:38:28 +0000
At 15:18 -0800 22/1/08, Dave Camp wrote:
I'm not sure if this is the best list to ask my question, but I thought I'd start here since I've seen some auth items discussed here before. If there is a better list, please point me at it (the description of the CDSA list sounded like it was for something different).

Au contraire, Apple-CDSA is exactly the right mailing list to ask this on. The folks from Apple's data security team, who are responsible for all of this Authorization Services goo, hang out on that list.

<http://www.lists.apple.com/apple-cdsa>

However, I can take a stab at the answer (-: The right used by most of the panels in System Preferences is "system.preferences". Here's the default right specification (as of 10.5.x).

        <key>system.preferences</key>
        <dict>
            <key>allow-root</key>
            <true/>
            <key>class</key>
            <string>user</string>
            <key>comment</key>
            <string>Checked by the Admin framework when making changes to
            certain System Preferences.</string>
            <key>group</key>
            <string>admin</string>
            <key>shared</key>
            <true/>
        </dict>

You can approach this two ways:

A. Find a rule that matches that right specification. Currently there is no such a rule. The closest is probably "default", but its timeout of 300 will cause your icon to be shown as locked if it's been more than 5 minutes since the user last authenticated.

B. Remember that the rightDefinition parameter of AuthorizationRightSet can be either a string (that names a rule) or a dictionary (that allows you to specify the right directly). So, when creating your right, specify a dictionary with all of the properties that you need.

Finally, remember that you can use SFAuthorizationView (in the SecurityInterface framework) to do all of the having lifting associated with the "lock" icon.

S+E
--
Quinn "The Eskimo!"                    <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: How to create an auth model similar to the networking prefs?

      • From: Dave Camp <email@hidden>
      • 





References: 


 >How to create an auth model similar to the networking prefs? (From: Dave Camp <email@hidden>)






    

  • Prev by Date:
Re: How does server decide what text encoding for response?

    • 

  • Next by Date:
Re: Crashes when implicitly accessing the Keychain from NSURL

    • 

  • Previous by thread:
How to create an auth model similar to the networking prefs?

    • 

  • Next by thread:
Re: How to create an auth model similar to the networking prefs?

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •