We should think about this a bit. It seems to me that this could be a good hole for a DoS attack if the authentication was compromised.

The other consideration for me was that all the information in the rolleruser table is (or can be) in LDAP. What does it mean if someone updates that information? Do we replicate it again? What is the trigger? etc...

I'm leaning toward UserManager being smart enough to handle remote user profiles. I got sidetracked yesterday and today and couldn't focus on it, but it seems that the username and the varchar record ID are intermixed as the primary key for the table. If, in this case only, the username was used as the primary key, the use of profile in LDAP would be simplified, without adversely affecting behavior if LDAP was not used.

I presume I must be missing something here. Can we discuss it?

-b

On Dec 30, 2005, at 1:56 PM, Sean Gilligan wrote:

Brian Topping wrote:
Oops, I was tired and was mixing versions.  Ten thousand apologies!!
I'll see what I can pull together.

Just to be clear: you're planning on adding "auto create" to the 2.1 code base? That is something I need for a project that I'm working on, too. I'm definitely willing to help out on this one by coding, testing, or writing wiki documentation. Let me know...

Regards,

Sean



