[Ex-plain] Existing Explain-- Servers

Robert Sanderson azaroth at liverpool.ac.uk
Mon Apr 8 16:04:16 CEST 2002

> What is authValue in practice? 'other' in idAuthentication?

Yes.  The means by which you can send just a single value for 
authentication rather than a user/password combination.

> Just wondering if it could be named something that relates
> to the Z39.50 spec (as user, group, password do). Also I am
> not sure about the DTD optionality etc.

<other> isn't a particularly useful element name :)  It's a value for 
authentication, so I called it authValue.  Obviously I'm happy to change 
this if there's a better name for it!

> <!ELEMENT authentication - - (authValue | (user?, group?, password?))>
> I think a DTD is "officially" ambiguous if there are two possible
> productions. So the '+' symbol when all members are optional I think
> is not actually legal.

That works out to the same thing, I think.  Either authValue, or at least 
one of user, group or password.  But doesn't have the strange 

However, I think that we may need to reformulate this section slightly 
anyway for the following reason:

There should be a way to exclude servers which require authentication from 
a search.  More explicitly, servers that require authentication that is 
not given in the record (as per Per's german server which has a guest 
login).  As currently there's nothing in the record except for the 
structure (ie the presence of an empty authentication tag) which says that 
authentication is required, this is harder to implement against.

This would allow a full database to be available, but interogated in such 
a way as to only return servers which are actually usable by the client.

The various states that we need to be able to describe:

Authentication not needed
Authentication needed, and supplied
   * using 'other'
   * using user/group/password
Authentication needed, and not supplied

It should be possible to easily separate authentication supplied/not 

Can you search for the empty string?  I have a feeling that you can't.
Would then putting a 'required' attribute on authentication be sufficient?


      ,'/:.          Rob Sanderson (azaroth at liverpool.ac.uk)
    ,'-/::::.        http://www.o-r-g.org/~azaroth/
  ,'--/::(@)::.      Special Collections and Archives, extension 3142
,'---/::::::::::.    Twin Cathedrals:  telnet: liverpool.o-r-g.org 7777
____/:::::::::::::.              WWW:  http://liverpool.o-r-g.org:8000/

More information about the Ex-plain mailing list