Difference between revisions of "Infrastructure Team/Central Login"

Revision as of 13:24, 20 September 2011

This is initiative to permit a user to access multiple SL resources while providing their credentials (such as userid and password) only once.

Preliminary list of possible front-end methods to authenticate users.

For now https://obs.sugarlabs.org requires Basic HTTP Auth.
CAS, the most common method, with a requirement to provide login/password, is useful for people who are not arriving from a Sugar Shell instance (and so, Sugar's certificate-based method does not work implicitly for them), and for casual visitors or those wishing to avoid the technical work of taking care of user side certificates.
Users certificates are useful for people who need to be authenticated from a Sugar Shell where Sugar might perform some authentication routines under the hood.
OpenID authentication.

@@ Line 20: / Line 20: @@
 * [[wikipedia:Central_Authentication_Service |CAS]], the most common method, with a requirement to provide login/password, is useful for people who are not arriving from a Sugar Shell instance (and so, Sugar's certificate-based method does not work implicitly for them), and for casual visitors or those wishing to avoid the technical work of taking care of user side certificates.
 * Users certificates are useful for people who need to be authenticated from a Sugar Shell where Sugar might perform some authentication routines under the hood.
+* [http://en.wikipedia.org/wiki/OpenID OpenID] authentication.
 == Authenticate back-end ==
 * ldap.sugarlabs.org