[webkit-dev] Keychain access

[Trey Matteson]

I believe this is the story in Tiger:  For HTTP level auth, WebKit  
gains the feature of having those credentials optionally remembered  
in Keychain via functionality implemented in Foundation.

For auth done via HTML forms, Safari implements facilities for  
remembering these credentials in Keychain, so it's not part of  
WebKit.  That feature is closely tied to the features of autofilling  
previously entered data into general forms, or data from the Me card  
in AddressBook.

It's certainly possible that these features could be moved from  
Safari into WebKit, but for compatibility you'd really want to be  
able to start with the code from Safari, which of course is not  
public.  One reason I say that is the quirkiness of the Keychain API  
and data model, which I think would invite discrepancies between  
separate implementations.

The only alternative I see is for some other app to implement its own  
similar mechanism, and then have the choice of trying to keep its  
saved creds separate from Safari, or share the same Keychain data and  
hope they don't trip each other up with inconsistent uses of the  
Keychain fields.  Perhaps a little tech doc on the Safari impl could  
smooth that out.

Caveat: Some of my info might be obsoleted by more recent WebKit  
work, as I haven't followed that very closely since last summer  
(funny how a startup can focus the mind).

trey



On Apr 28, 2007, at 12:18 PM, P A wrote:

> Is there anyway to use Webkit but also have Webkit
> access Keychain?  For me this a drawback as I have to
> constantly input my passwords.  What does everyone
> else use to have their passwords entered automatically?
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> http://lists.webkit.org/mailman/listinfo/webkit-dev
>