On Fri, Mar 13, 2009 at 7:17 AM, Henning Brune <henning.br...@googlemail.com> wrote: > Ups, sorry for hitting the 'send' button to soon. > > Here is the complete mail: > > After successful integration of roller with our custom user management > and CAS I found that using the Metaweblog API still uses the roller > user database. > > In Google I only found this old posting on roller 3.0: > > http://mail-archives.apache.org/mod_mbox/roller-user/200701.mbox/<8708546.p...@talk.nabble.com> > > I just wanted to ask if there is now some option I missed to make this > work? Otherwise I would synchronize our user passwords with roller to > solve the problem.
No, you didn't miss any option. I believe the Sun (blogs.sun.com) folks made a change so that the password stored in Roller is known as the "weblog client password" -- which is not a bad idea. After all, do you really want folks passing their real CAS password around via XML-RPC? But they never contributed this back to Roller. In the future, AtomPub should replace MetaWeblog/XML-RPC and OAuth will be the authentication mechanism. With OAuth, users will use an API key to authorize clients to access Roller. - Dave
