Changes between Version 4 and Version 5 of doc/developer/TokenArchitecture

Timestamp:
06/01/07 19:06:01 (15 years ago)
Author:
benoitg
Comment:

Design update

  • doc/developer/TokenArchitecture

    v4 v5  
    44= Token, General model = 
    55Currently, connection tokens are very weak entities, directly stored in the connection table.  Many stakeholders would like to add features to connections (time limit, persistent token, etc.) to support the different WirelessCommunityModels.  To do this without shooting ourselves in the foot, we need a data model that can solve the general problem of connection handling and re-use, not just a specific degenerate case of it (such as selling pre-paid time). 
    6  
    76 
    87What follows is a first draft at doing so. 
     
    1312 * token_max_data_transfer Ex: Allows capping bandwidth 
    1413 * token_max_connection_duration: Ex: Allows limiting the length of a single connection 
    15  * token_max_usage_duration: Ex: Allows selling access by the hour 
    16  * token_max_wallclock_duration: Ex:  Allows selling daily, weekly or monthly passes 
     14 * token_max_usage_duration: Ex: Allows selling access by the hour (counting only when in use) 
     15 * token_max_wallclock_duration: Ex:  Allows selling daily, weekly or monthly passes (starting the count as soon as the token is first used) 
     16 * token_max_age: Ex:  Allow setting a maximum time before epirint (starting the count as soon as the token is issued) 
    1717 * is_reusable:  Is the connection reusable? (normally, yes) 
    1818 
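Review bot: the added token_max_age line misspells its key word ("epirint", presumably "expiration"), and the page now defines three time limits (usage, wallclock, age) without saying how they combine when more than one is set on the same token. Suggest fixing the typo and adding one sentence stating which limit wins (for example, whichever expires first) and whether an unset value means "no limit".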
     
    2626 * token_creation_date (not the same as connection start time) 
    2727 * token_issuer:  A user in the system.  User responsable for the creation of the token (not necessarily the same as the one using it)  
    28  * token_owner:  The user that can USE the token. 
     28 * token_owner:  The user that can USE the token (anyone if empty?). 
    2929 
    3030When a connection is established, the values in the tokens table are used, along with eventual network policies (maximum monthly data transfer, maximum connection time) or node policies (opening hours) to calculate max_data_transfer and expiration_date in the connection table.  This calculation is expensive, but once done, all the auth server has to do is validate max_data_transfer and expiration_date which is practically free.
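Review bot: the "(anyone if empty?)" added to token_owner leaves the authorization rule as an open question in the design text. An empty owner would turn the token into a bearer credential, usable by whoever holds it. Suggest resolving this before the model is implemented: either require token_owner, or state explicitly that empty means "any user" and say what the auth server checks in that case when the connection is established and max_data_transfer and expiration_date are calculated.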