Infrastructure Team/Central Login: Difference between revisions
No edit summary |
No edit summary |
||
| Line 53: | Line 53: | ||
* Have a "Forgot password" feature. | * Have a "Forgot password" feature. | ||
* Edit LDAP metadata. It would be useful to let people authenticate on CAS, i.e., to avoid typing passwords twice, once to get access to a service and a second time in Account management applications before editing account metadata. | * Edit LDAP metadata. It would be useful to let people authenticate on CAS, i.e., to avoid typing passwords twice, once to get access to a service and a second time in Account management applications before editing account metadata. | ||
== Motion == | |||
Basing on Infrastructure Team discussion, there is a motion: | |||
* Central [[wikipedia:Lightweight_Directory_Access_Protocol |LDAP]], i.e., centralized database of all users; | |||
* Support [[wikipedia:Central_Authentication_Service|CAS]] on as many as possible Sugar Labs sites; | |||
* Having users friendly (not only for geeks) [[#Account management application|Account management application]]; | |||
* If particular site supports OpenID as a second auth method, use it as a second auth scheme with CAS; | |||
* Push this new infra to production usage; | |||
* Look for more auth methods, like certs based auth from Sugar Shell, that might be useful as well. | |||