From: paulr Date: Tue, 23 Nov 2010 06:19:21 +0000 (+1100) Subject: active directory text and stuff X-Git-Url: http://git.pjr.cc/?a=commitdiff_plain;h=e49465df93deb42c68a52f47af9b3d5d02e114d6;p=ga4php.git active directory text and stuff --- diff --git a/example/activedirectory/extend.php b/example/activedirectory/extend.php index a551202..43ff589 100644 --- a/example/activedirectory/extend.php +++ b/example/activedirectory/extend.php @@ -3,6 +3,7 @@ require_once("../../lib/ga4php.php"); // TODO: This code works, but needs to be fixed and commented properly +// TODO: setup encryption into AD // define our token class diff --git a/example/activedirectory/index.php b/example/activedirectory/index.php index bf25053..c58a44b 100644 --- a/example/activedirectory/index.php +++ b/example/activedirectory/index.php @@ -4,7 +4,16 @@ * AD has several attributes you can use for storing your own data, and * thats what we use * - * This is only the beginning code, + * This is only the beginning code, for starters we need some way of encrypting + * the data we put in AD cause the extensionAttributes1-15 are globally readable + * and thus the token is completely insecure. This is easy to fix though as the + * encryption just needs to be a static set key within the class that puts/gets + * data. At least, for the example we should set a GOOD example and do this + * other implementations might even want to implement their own schema such that + * permissions around that token key are strict in the schema, however encrypting + * the data is not a bad idea. The key for the encrypted data can be very long + * and very random as its not designed for user interaction, though it should be + * backed up occasionally */ // set these