Re: [ros-dev] SoC 2006 (Login Framework)

We have a very basic winlogon in base\system\winlogon, it also has basic code to load msgina.dll and provide a very very basic SaS loop (that is used to display the GUI on the secured desktops and vor authentication related messages) No, we need to stick to the name msgina.dll. There's a super-basic version implemented in dll\win32\msgina "Identity Management" is lsass.exe, which doesn't really exist in ros. Many of the security APIs make lsa calls, which is capable of performing authentication and also remote authentication. 3) won't be able to be testable in windows as what you're talking about is advapi32.dll + lsass.exe. That's how authentication and user management is handled. Unfortunately lsass.exe doesn't exists in ros as of now. We're going to have to work around these problems by adding some hacks (ie. only "enumerate" one account, the administrator account etc. Unfortunately to add, remove and change users you'd have to use netapi32.dll (ie. NetUserAdd, NetUserChangePassword, ...). This DLL doesn't exist anytime soon. A custom identity management system in ros is out of question as we'd require lsass.exe to be implemented. That's too much for your task, and we don't even have the RPC system working well enough to accomplish this. msgina.dll should just use the publicly documented functions of kernel32, advapi32, netapi32, ... For the purpose of your project, we might just hardcode some values, etc in these DLLs to get it working. Winlogon already is able to load msgina.dll. However it's very incomplete as it only calls very few of msgina's exported Wlx* functions. msgina should export at least all documented Wlx* functions. These functions are all documented and we should not add a reactos specific implementation (See LogonUser(Ex), CreateProcessAsUser, ImpersonateLoggedOnUser, .... These is used to perform authentication and we should not invent our own set. The users are managed and saved in the registry (SAM database), it's located in HKLM/SAM. I'm not familiar with the format etc, but we lack lsa and sam for user managment. This is why for the purpose of your task we'll just make quick&dirty implementations of the required APIs to add some fake implementation. Implementing a lsass.exe, sam etc is way too much for your task. As I mentioned above, rolling our own APIs is not desirable, you're going to have to use LogonUser(Ex) and CreateProcessAsUser for authentication. I advice you to take a look at the documentation of the mentioned APIs since they're fairly complex. Also you should read about the interface between winlogon and msgina, the functions start with the Wlx prefix, WlxInitialize for example. Remember that we need a SaS (that's basically a window message loop on the secured desktops) that is required for APIs like WlxSasNotify. Also you should take a look at our winlogon implementation. It's very basic but also it gives you an idea of how the architecture should look like. I hope this email helps you a bit more. Sorry for replying a bit late, I was going out a lot this weekend :) Best Regards, Thomas _______________________________________________ Ros-dev mailing list Ros-dev(a)reactos.org http://www.reactos.org/mailman/listinfo/ros-dev