[Ex-plain] Existing Explain-- Servers
azaroth at liverpool.ac.uk
Mon Apr 8 16:04:16 CEST 2002
> What is authValue in practice? 'other' in idAuthentication?
Yes. The means by which you can send just a single value for
authentication rather than a user/password combination.
> Just wondering if it could be named something that relates
> to the Z39.50 spec (as user, group, password do). Also I am
> not sure about the DTD optionality etc.
<other> isn't a particularly useful element name :) It's a value for
authentication, so I called it authValue. Obviously I'm happy to change
this if there's a better name for it!
> <!ELEMENT authentication - - (authValue | (user?, group?, password?))>
> I think a DTD is "officially" ambiguous if there are two possible
> productions. So the '+' symbol when all members are optional I think
> is not actually legal.
That works out to the same thing, I think. Either authValue, or at least
one of user, group or password. But doesn't have the strange
However, I think that we may need to reformulate this section slightly
anyway for the following reason:
There should be a way to exclude servers which require authentication from
a search. More explicitly, servers that require authentication that is
not given in the record (as per Per's german server which has a guest
login). As currently there's nothing in the record except for the
structure (ie the presence of an empty authentication tag) which says that
authentication is required, this is harder to implement against.
This would allow a full database to be available, but interogated in such
a way as to only return servers which are actually usable by the client.
The various states that we need to be able to describe:
Authentication not needed
Authentication needed, and supplied
* using 'other'
* using user/group/password
Authentication needed, and not supplied
It should be possible to easily separate authentication supplied/not
Can you search for the empty string? I have a feeling that you can't.
Would then putting a 'required' attribute on authentication be sufficient?
,'/:. Rob Sanderson (azaroth at liverpool.ac.uk)
,'--/::(@)::. Special Collections and Archives, extension 3142
,'---/::::::::::. Twin Cathedrals: telnet: liverpool.o-r-g.org 7777
____/:::::::::::::. WWW: http://liverpool.o-r-g.org:8000/
I L L U M I N A T I
More information about the Ex-plain