Hi all,
the implementation of signon-ui in Ubuntu desktop uses a QWebView with
a custom cookie jar: we keep a cookie jar per identity, so that when the
same identity is asked to be reauthenticated we can often skip the login
page. For Ubuntu Touch (tablets and phones) we are experimenting with
QQuick's WebView, which is based on WebKit2. Due to restrictions on the
QtWebKit API, we are launching the WebView in another process, with a
$HOME variable which depends on the identity: in that way we prevent
sharing of data among the different WebViews.
Either way, it's becoming obvious that this data which signon-ui is
storing (maybe indirectly) for each identity should be removed when the
identity is deleted or even when the Identity::signOut() method is called.
Therefore I'm proposing we add a "removeIdentityData(u)" method to the
signon-ui D-Bus API. I will make it so that signond does not panic if
calling this method fails, so it should be able to run even with a
signon-ui which doesn't implement it.
If I don't hear different opinions, I'll assume that all is good. :-)
Ciao,
Alberto
--
http://blog.mardy.it <- geek in un lingua international!