Preface

This document is part of the LiveSupport project, Copyright © 2004 Media Development Loan Fund, under the GNU GPL.

Scope

This document contains the specification of the LiveSupport Authentication component.

This document contains embedded SVG figures, thus an SVG capable browser is needed to view it, or an SVG plugin like Adobe's SVG Viewer.

Requirements

Overview

The purpose of the Authentication component is to provide authentication services by receiving authentication information and checking these against an authentication database.

Goals

The authentication component is a re-usable component, which provides both local and remote interfaces. Different authentication methods may be supported, with username / password authentication being the most trivial.

System functions

The main system functions are described below. There are three categories for these functions:
function category
 meaning
evident
 Should perform, and the user should be cognizant that it is performed
hidden
 Should perform, but not visible to the users.
frill
 Optional


ref#
 function
 category
F1.1
 Authenticate users
 evident




System attributes

Generic attributes

ref#
 attribute
 details and constraints
 category
A1.1
 operating system platform
 Linux
 must
A1.2
 local interface
 locally callable API
 must
A1.3
 remote interface
 remote interface via some RPC method like XML-RPC or SOAP
 want





Attributes related to system functions

ref#
 function
 ref#
 attribute
 details and constraints
 category







Essential use cases

This section lists generic (essential) uses cases, that do not contain architecture-specific considerations.

UC-1 Authenticate user

ref# UC-1
use case Authenticate user
type primary, essential
actors User
purpose Authenticate a user
overview The user contacts the Authentication module with the intention of verifying his integrity.
references F1.1

Typical course of events

actor action
system response
1. User connects to the authentication component with the intention of authenticating

2. The User provides authentication information 3. The system checks the authentication information againts its internal database, and informs the user if the provided information was correct.





Alternate courses

none

Conceptual model

The following figure displays the semantic concepts identified for the Scheduler daemon, and the main associations between the concepts.


Concepts


concept
 description
Authentication database
 A database containing authentication information, against which user-sent authentication information can be checked.
Authentication
 Component responsible for doing the authentications
Authentication info
 The information a user sends during authentication, provides the basis for authentication
User
 The party that wants to authenticate
Authentication interface
 The local or remote interface for authentications



Associations


source
 association
 target
 description
Authentication
 Checks authentication info in
 Authentication database
Authentication database
 Stores
 Authentication info
User
 Contains
 Authentication info
User
 Authenticates by
 Authentication interface





System behavior

The behavior of the system as a whole as experienced from the outside is discussed in this section.

System sequence diagrams

System diagrams are presented for each use case below.

UC-1 Authenticate user


System objects

The following figures shows the system objects and their functions, as derived from the system sequence diagrams.

Contracts

For all operations exposed in the system sequence diagrams, the following contracts are defined.

Contract for AuthenticationInterface : authenticate

Name
 authenticate
(authInfo : AuthenticationInfo)
: boolean
Responsibilities
 Check if the the provided authentication info is recognized.
Type
 system
Cross-reference
 UC-1
Notes
Exceptions
 none
Output
 true if the provided authentication is recognized, false otherwise
Pre-conditions
 none
Post-conditions
 none