Difference between revisions of "Infrastructure Team/Central Login"
Jump to navigation
Jump to search
m (→Benefits) |
|||
| Line 23: | Line 23: | ||
Preliminary list of possible front-end methods to authenticate users. | Preliminary list of possible front-end methods to authenticate users. | ||
| − | |||
* [[wikipedia:Central_Authentication_Service |CAS]], the most common method, with a requirement to provide login/password, is useful for people who are not arriving from a Sugar Shell instance (and so, Sugar's certificate-based method does not work implicitly for them), and for casual visitors or those wishing to avoid the technical work of taking care of user side certificates. | * [[wikipedia:Central_Authentication_Service |CAS]], the most common method, with a requirement to provide login/password, is useful for people who are not arriving from a Sugar Shell instance (and so, Sugar's certificate-based method does not work implicitly for them), and for casual visitors or those wishing to avoid the technical work of taking care of user side certificates. | ||
* Users certificates are useful for people who need to be authenticated from a Sugar Shell where Sugar might perform some authentication routines under the hood. | * Users certificates are useful for people who need to be authenticated from a Sugar Shell where Sugar might perform some authentication routines under the hood. | ||
* [http://en.wikipedia.org/wiki/OpenID OpenID] authentication. | * [http://en.wikipedia.org/wiki/OpenID OpenID] authentication. | ||
| + | * Some services, e.g., https://obs.sugarlabs.org, requires Basic HTTP authentication by design. | ||
== Authenticate back-end == | == Authenticate back-end == | ||
* ldap.sugarlabs.org | * ldap.sugarlabs.org | ||
Revision as of 09:43, 28 September 2011
Summary
This is initiative to permit a user to access multiple SL resources while providing their credentials (such as userid and password) only once.
Benefits
- Single sign-on on all Sugar Labs services, and, in theory, on any Sugar related sites that want to get benefits from Sugar Central Login (there is no need to be hosted on Sugar Labs servers or so, only authentication will happen in centralized manner).
- Centralized users database.
- Reuse users database not only for Web services, but also for shell account, for example.
Resources to authenticate on
- http://wiki.sugarlabs.org
- http://git.sugarlabs.org
- http://bugs.sugarlabs.org
- http://activities.sugarlabs.org
- http://translate.sugarlabs.org
- https://obs.sugarlabs.org (Front-end HTTP API for OBS clients)
- https://packages.sugarlabs.org
Authenticate front-ends
Preliminary list of possible front-end methods to authenticate users.
- CAS, the most common method, with a requirement to provide login/password, is useful for people who are not arriving from a Sugar Shell instance (and so, Sugar's certificate-based method does not work implicitly for them), and for casual visitors or those wishing to avoid the technical work of taking care of user side certificates.
- Users certificates are useful for people who need to be authenticated from a Sugar Shell where Sugar might perform some authentication routines under the hood.
- OpenID authentication.
- Some services, e.g., https://obs.sugarlabs.org, requires Basic HTTP authentication by design.
Authenticate back-end
- ldap.sugarlabs.org