Brandorr wrote: > Alan, I am trying to just get going with one piece of this, without > having to reinvent the world in the whole process. I also don't agree > with all of the website redesign goals/methods. In particular:
But you *are* reinventing stuff that is already being done. And as for not agreeing with the redesign goals/methods - I've asked multiple times over a considerable period of time for feedback, and received precious little. > - I don't think a consistent look and feel should be mandatory (Limits > choices, and imposes development overhead, not to mention freedom of > expression). Mandatory - no. Desirable? Probably. > - The current authentication method plan > (http://opensolaris.org/os/project/website/website_restructuring/opensolaris_authentication.txt > ) won't work for many of us, as LDAP is much easier to support. (The > method described requires Java hacking for each mini-site, with LDAP > we can use the native LDAP support in whatever webapp we are using.) The authentication mechanism is specifically designed so it does NOT require Java - I'm not quite sure why you think it does. XMLRPC over SSL was chosen precisely because virtually every programming language there is can use it. I suspect you'll find that a) getting LDAP to work over SSL is not particularly easy, b) most systems that use LDAP for authentication have their own ideas of what the schema should look like [1] and c) there's no standard way that we might map the current opensolaris community/project hierarchy to LDAP. On top of that that the current opensolaris user database was not designed with LDAP in mind, and we probably wouldn't be able to migrate it to run under a LDAP server, and that whatever we choose has to be able to be retrofitted into existing web application to keep it running until we can migrate to something better. I'm not ruling out LDAP in the long run, it's just too much of a leap as a first step. > Obviously any work that we do can be leveraged as part of the website > redesign. I just don't to make one contingent on the other. That's your decision to make. > I ask one final question. If 99% of the "users" don't participate in > OpenSolaris development, is it even necessary to have the user portal > share authentication with the developer portal? (IE: SSO is nice in > theory, but a lot of work to implement). Considering that probably 99% of the 70,000+ registrations we have on opensolaris.org are not developers, I'd say the answer is a deafening 'Yes, it is necessary' - unless you think people who have signed up are all going to reregister, and are going to keep multiple accounts in sync by hand. We already have multiple applications accessing the common user database, and I expect there to be more and more of them over time. -- Alan Burlison -- [1] http://cweiske.de/tagebuch/LDAP%20addressbook.htm _______________________________________________ opensolaris-discuss mailing list [email protected]
