[
https://jira.duraspace.org/browse/DS-937?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mark Diggory updated DS-937:
----------------------------
Description:
Use of email address as a persistent identifier for the DSpace conflicts with
the fact that email addresses are not persistent. Email addresses go away
and/or are reassigned to other individuals. There are also policy concerns
with Authenticators like Shibboleth and CAS that may or may not deliver an
email address as a organizational policy.
This Task is a placeholder to identify a solution to correct for the problem.
1.) DSpace should use a different identifier / key for the EPerson (netid? or
combination of "authenticator + netID")
2.) DSpace should make providing an email address as optional for cases where
the Authentication features lack this specific capability.
3.) Issuing emails should be optional for accounts without email addresses.
4.) Stop storing email address (or any other detail about who made the change)
in dc.description.provenance field.
One proposed solution to this problem is that the Authentication Method should
be broken off of EPerson and stored separately, making EPerson a "Profile" and
the method of Authentication be stored separately (Password, Certificate, LDAP,
Shibboleth, CAS, Facebook, Google) Different AuthenticationMethods may store
the data as they see fit. And the Profile would store only those local details
for that user.
was:
Use of email address as a persistent identifier for the DSpace conflicts with
the fact that email addresses are not persistent. Email addresses go away
and/or are reassigned to other individuals. There are also policy concerns
with Authenticators like Shibboleth and CAS that may or may not deliver an
email address as a organizational policy.
This Task is a placeholder to identify a solution to correct for the problem.
1.) DSpace should use a different identifier / key for the EPerson (netid? or
combination of "authenticator + netID")
2.) DSpace should make providing an email address as optional for cases where
the Authentication features lack this specific capability.
3.) Issuing emails should be optional for accounts without email addresses.
One proposed solution to this problem is that the Authentication Method should
be broken off of EPerson and stored separately, making EPerson a "Profile" and
the method of Authentication be stored separately (Password, Certificate, LDAP,
Shibboleth, CAS, Facebook, Google) Different AuthenticationMethods may store
the data as they see fit. And the Profile would store only those local details
for that user.
> Stop using Email Address as Identifier for DSpace User.
> -------------------------------------------------------
>
> Key: DS-937
> URL: https://jira.duraspace.org/browse/DS-937
> Project: DSpace
> Issue Type: Improvement
> Components: DSpace API
> Affects Versions: 1.5.0, 1.5.1, 1.5.2, 1.6.0, 1.6.1, 1.6.2, 1.7.0, 1.7.1,
> 1.7.2, 1.8.0
> Reporter: Mark Diggory
> Priority: Major
>
> Use of email address as a persistent identifier for the DSpace conflicts with
> the fact that email addresses are not persistent. Email addresses go away
> and/or are reassigned to other individuals. There are also policy concerns
> with Authenticators like Shibboleth and CAS that may or may not deliver an
> email address as a organizational policy.
> This Task is a placeholder to identify a solution to correct for the problem.
> 1.) DSpace should use a different identifier / key for the EPerson (netid? or
> combination of "authenticator + netID")
> 2.) DSpace should make providing an email address as optional for cases where
> the Authentication features lack this specific capability.
> 3.) Issuing emails should be optional for accounts without email addresses.
> 4.) Stop storing email address (or any other detail about who made the
> change) in dc.description.provenance field.
> One proposed solution to this problem is that the Authentication Method
> should be broken off of EPerson and stored separately, making EPerson a
> "Profile" and the method of Authentication be stored separately (Password,
> Certificate, LDAP, Shibboleth, CAS, Facebook, Google) Different
> AuthenticationMethods may store the data as they see fit. And the Profile
> would store only those local details for that user.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.duraspace.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
