[haiku-web] Re: Drupal-Trac Single Sign-On...

  • From: "Jorge G. Mare" <koki@xxxxxxxxxxxxxx>
  • To: haiku-web@xxxxxxxxxxxxx
  • Date: Sun, 06 Apr 2008 19:44:26 -0700

Hi Niels,

On Sun, 2008-04-06 at 18:04 +0200, Niels Reedijk wrote:
> Hi gang,
> 
> 2008/3/28, Niels Reedijk <niels.reedijk@xxxxxxxxx>:
> > 2008/3/23, Jorge G. Mare (a.k.a. Koki) <koki@xxxxxxxxxxxxxx>:
> > > Niels Reedijk wrote:
> > >  >> So what exactly would the effect be on security without it?
> > >  >
> > >  > Well, we would probably use the TracAccountmanager plugin, which sort
> > >  > of does the same as our database login: it also hijacks the internal
> > >  > procedures. It can be configured to use a large number of backends.
> > >  > One of those backends is in the session table on the database itself,
> > >  > others will allow it to store login data in a separate file.
> > >
> > >
> > > Is there anything in particular that would stop us from using the
> > >  TracAccountmanager plugin?
> >
> > Well, besides testing, we would have to select the best password
> > authentication method, and I am in the process of writing a script
> > that selects all the users that ever logged on, creates a new password
> > for them and sends them an email notifying them of this fact.
> 
> About the script: two of the three components are already in place. I
> have the commands that extract the user names from the database, and I
> have the code that generates random passwords, and encodes them. The
> final building block is the code that generates email messages to mail
> round the new passwords. I'm working on that now.
> 
> Next to that, there have been many improvements to Trac's memory
> management lately, and that it will probably be soon that I will test
> the migration on my local machine. I do not know whether we should
> wait for the final version, or if we could install an interim beta. It
> has been tested quite thoroughly on the project's website
> (trac.edgewall.org) and it would finally allow me to roll out all my
> improvements. At the same time I will try the TracAccountManager
> plugin for 0.10.x, to see whether it supports the same features.
> 
> Anyway, this is all independent from Scott's offer, which we should
> discuss possibly at a meeting.

Thanks for all the work and the update.

For those who may not be aware (don't remember if we mentioned it on
this list or not), Scott is from ICS, the folks that host kernel.org and
numerous other open source projects, and who have offered hosting our
website and Trac installations on their servers.

Cheers,

Koki


-----------------------------------------------------------------------
haiku-web@xxxxxxxxxxxxx - Haiku Web & Developer Support Discussion List

Other related posts: