From e49465df93deb42c68a52f47af9b3d5d02e114d6 Mon Sep 17 00:00:00 2001 From: paulr Date: Tue, 23 Nov 2010 17:19:21 +1100 Subject: [PATCH] active directory text and stuff --- example/activedirectory/extend.php | 1 + example/activedirectory/index.php | 11 ++++++++++- 2 files changed, 11 insertions(+), 1 deletions(-) diff --git a/example/activedirectory/extend.php b/example/activedirectory/extend.php index a551202..43ff589 100644 --- a/example/activedirectory/extend.php +++ b/example/activedirectory/extend.php @@ -3,6 +3,7 @@ require_once("../../lib/ga4php.php"); // TODO: This code works, but needs to be fixed and commented properly +// TODO: setup encryption into AD // define our token class diff --git a/example/activedirectory/index.php b/example/activedirectory/index.php index bf25053..c58a44b 100644 --- a/example/activedirectory/index.php +++ b/example/activedirectory/index.php @@ -4,7 +4,16 @@ * AD has several attributes you can use for storing your own data, and * thats what we use * - * This is only the beginning code, + * This is only the beginning code, for starters we need some way of encrypting + * the data we put in AD cause the extensionAttributes1-15 are globally readable + * and thus the token is completely insecure. This is easy to fix though as the + * encryption just needs to be a static set key within the class that puts/gets + * data. At least, for the example we should set a GOOD example and do this + * other implementations might even want to implement their own schema such that + * permissions around that token key are strict in the schema, however encrypting + * the data is not a bad idea. The key for the encrypted data can be very long + * and very random as its not designed for user interaction, though it should be + * backed up occasionally */ // set these -- 1.7.0.4