Infrastructure Team/Central Login: Difference between revisions
No edit summary |
discussion link |
||
| (2 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
== Summary == | == Summary == | ||
This is initiative to permit a user to access multiple SL resources while providing their credentials (such as userid and password) only once. | This is an initiative to permit a user to access multiple SL resources while providing their credentials (such as userid and password) only once. | ||
== Benefits == | == Benefits == | ||
| Line 53: | Line 53: | ||
* Have a "Forgot password" feature. | * Have a "Forgot password" feature. | ||
* Edit LDAP metadata. It would be useful to let people authenticate on CAS, i.e., to avoid typing passwords twice, once to get access to a service and a second time in Account management applications before editing account metadata. | * Edit LDAP metadata. It would be useful to let people authenticate on CAS, i.e., to avoid typing passwords twice, once to get access to a service and a second time in Account management applications before editing account metadata. | ||
== Motion == | |||
Basing on Infrastructure Team discussion, there is a motion: | |||
* Central [[wikipedia:Lightweight_Directory_Access_Protocol |LDAP]], i.e., centralized database of all users; | |||
* Support [[wikipedia:Central_Authentication_Service|CAS]] on as many as possible Sugar Labs sites; | |||
* Having users friendly (not only for geeks) [[#Account management application|Account management application]]; | |||
* If particular site supports OpenID as a second auth method, use it as a second auth scheme with CAS; | |||
* Push this new infra to production usage; | |||
* Look for more auth methods, like certs based auth from Sugar Shell, that might be useful in addition to the existing system. | |||
=== Discussion === | |||
[http://www.mail-archive.com/sugar-devel@lists.sugarlabs.org/msg23290.html sugar-devel thread] | |||