Allow multiple auth methods in PBSPro

Hi,

Currently, PBS allows only one auth method in the configuration for authentication and encrypt/decrypt data. So I am proposing new configurations switching which will allow admin/user to configure multiple auth methods which PBS server understands, whether to encrypt/decrypt data or not and if encrypt/decrypt data then which communication to encrypt/decrypt like encrypt/decrypt only client-server communication or encrypt/decrypt only server-mom or encrypt/decrypt everything etc…

Here is a link for design.

Please review it and let me know your comments/suggestions/questions…

Thanks

Hey @hirenvadalia

Thanks for writing up the design and sorry for the late feedback. I, however, think we can make this slightly simpler. I think we do NOT need the switch PBS_ENCRYPT_MODE

I think just PBS_ENCRYPT_METHOD should suffice. Since it is a client side switch only (i.e. whether to encrypt or not is a choice of the connection initiator side), it should be enough to just have PBS_ENCRYPT_METHOD act as a on/off switch. In other words, enable encryption is PBS_ENCRYPT_METHOD is specified in the condig. Also you do not need a value 2 for server to mom communication. mom is a client to the server (actually the comm), and when mom initiated a connection to the comm, the presence of PBS_ENCRYPT_METHOD should be enough to say that mom has chosen to encrypt its traffic.

Let me know if you feel otherwise.

Subhasis

I agree with you @subhasisb, we can remove PBS_ENCRYPT_MODE…

Great simplification, thanks!

1 Like