[Mono-devel-list] Future direction for System.Web and System.Security.Principal...

[Miguel de Icaza]

Hello,

> Firstly, the System.Web.Security namespace contains classes that provide
> authentication against Windows/IIS and Microsoft Passport, and neither
> of these mechanisms is currently implemented in Mono. We all know
> Passport is bad and that trusting MS to look after our personal details
> is akin to digital suicide, but is it the Mono project's plan to
> implement the Passport and Windows authentication classes at some point,
> or will they remain as stones left unturned?  As a corollary, I'm also
> wondering how Sytem.Security.Principal is going to be implemented?  Will
> the Windows-based classes be implemented and, if so, will they be joined
> by UNIX-based classes or, will the Generic classes be extended in some
> manner?

If someone implements the needed bits to have the Passport API in place,
I would not mind having it.   If someone also makes it talk to other
authentication servers as well, that would be even nicer.

There are also implementations of Liberty for .NET that people can use.

> Finally, MS.NET allows session state to be disabled or stored in a
> variety of different ways, including: within the ASP.NET process; in a
> SQL Server database; or in a Windows State Server Service.  Mono
> currently only supports the disabling of session state or the storing of
> in-process session state, but I assume that a state server and a DB
> mechanism can be added at some point. So does anyone know if its going
> to be possible to get the state server to be compatible with the MS
> implementation, and for the DB mechanism, would I be right in assuming
> it will probably be implemented in a  provider-agnostic fashion?

At some point we want to implement the other session state mechanisms. 
If someone wants to contribute this before we get around to it, it
would be grand.

miguel