I picked ldap_auth and pam_auth for our focus areas: https://blueprints.launchpad.net/drizzle/+spec/docs71-focus-areas I now realize auth_schema should be included too, unless of course we think it is implied by Administration.
Basically I want to make sure that docs/index.rst in those 3 plugins is usable for the average user. It seems it is mostly a question of supplying a good example section in addition to the file you've generated. When you say you want to document administration, do you want to claim all of auth_pam/docs/index.rst for yourself? Feel free to do so. I assume auth_schema is part of administration. I started today trying to understand ldap_auth. (And it seems to be a rule that no matter how innocent things I do I end up changing Makefile.am. In this case plugin/ldap_auth/ has material that is only there if you work from bzr repository, so to document how to create LDAP users, I first have to move a utility from noinst_PROGRAMS to bin_PROGRAMS... >From what I've learned today, auth_pam is a good authentication method, except for the drawback that you end up using plaintext passwords. auth_ldap actually has an advantage it is designed to store the MySQL hashed passwords in a custom LDAP field, however it is way too complex for the average user to setup. (It mostly just makes sense if you already use LDAP.) A conclusion of the above is that I really appreciate you creating auth_schema, and hope it is included in the beta because it is the only alternative that is both secure and user friendly and should be the default and recommended auth plugin. henrik On Sun, Oct 2, 2011 at 7:34 PM, Daniel Nichter <dan...@percona.com> wrote: > Hi Henrik, > > Correct: I did not update the docs. When I update the Administration docs > for 7.1, I will mention it. What docs are you updating where it's relevant? > > -Daniel > > Le 2 oct. 2011 à 03:15, Henrik Ingo a écrit : > >> Hi Daniel >> >> Related to your work in figuring out PAM authentication and knowing >> that you worked a little on documentation, am I correct that you >> didn't update any docs for this? I was thinking to select this as a >> focus area where we should update the docs for 7.1 release. I'm >> volunteering to do it, and the info in your blog post is already >> sufficient, just wanted to check you are not sitting on some >> documentation that I don't see yet in trunk? >> >> henrik >> >> On Fri, Sep 9, 2011 at 4:52 AM, Daniel Nichter <dan...@percona.com> wrote: >>> This has been resolved: >>> http://hackdrizzle.com/authenticating-with-authentication-plugins/ >>> >>> Le 9 août 2011 à 18:12, Daniel Nichter a écrit : >>> >>>> I'd like to draw attention to >>>> https://bugs.launchpad.net/drizzle/+bug/823637: "auth_pam and auth_http do >>>> not work". I think the reason is that the authentication system does not >>>> pass authentication plugins a plaintext password, only a MySQL-scrambled >>>> hash of the original plaintext password. I've verified that this is >>>> problem with auth_http by manually inserting a plaintext password. >>>> >>>> If this is the root problem, then I don't see how the authentication >>>> system will work because a MySQL password hash is only useful for MySQL, >>>> i.e. pam and curl can't use it. Can the plaintext password still be >>>> accessed? >>>> >>>> -Daniel >>>> _______________________________________________ >>>> Mailing list: https://launchpad.net/~drizzle-discuss >>>> Post to : drizzle-discuss@lists.launchpad.net >>>> Unsubscribe : https://launchpad.net/~drizzle-discuss >>>> More help : https://help.launchpad.net/ListHelp >>> >>> >>> _______________________________________________ >>> Mailing list: https://launchpad.net/~drizzle-discuss >>> Post to : drizzle-discuss@lists.launchpad.net >>> Unsubscribe : https://launchpad.net/~drizzle-discuss >>> More help : https://help.launchpad.net/ListHelp >>> >> >> >> >> -- >> henrik.i...@avoinelama.fi >> +358-40-8211286 skype: henrik.ingo irc: hingo >> www.openlife.cc >> >> My LinkedIn profile: http://www.linkedin.com/profile/view?id=9522559 > > -- henrik.i...@avoinelama.fi +358-40-8211286 skype: henrik.ingo irc: hingo www.openlife.cc My LinkedIn profile: http://www.linkedin.com/profile/view?id=9522559 _______________________________________________ Mailing list: https://launchpad.net/~drizzle-discuss Post to : drizzle-discuss@lists.launchpad.net Unsubscribe : https://launchpad.net/~drizzle-discuss More help : https://help.launchpad.net/ListHelp
