Add zarb MLs html archivesHEADmaster

1 files changed, 103 insertions, 0 deletions

diff --git a/zarb-ml/mageia-sysadm/2011-April/003328.html b/zarb-ml/mageia-sysadm/2011-April/003328.html
new file mode 100644
index 000000000..f4e180c61
--- /dev/null
+++ b/zarb-ml/mageia-sysadm/2011-April/003328.html
@@ -0,0 +1,103 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [Mageia-sysadm] Users authentication on forums
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Users%20authentication%20on%20forums&In-Reply-To=%3C20110411123920.GX21938%40mars-attacks.org%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   <LINK REL="Previous"  HREF="003335.html">
+   <LINK REL="Next"  HREF="003330.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[Mageia-sysadm] Users authentication on forums</H1>
+    <B>nicolas vigier</B> 
+    <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Users%20authentication%20on%20forums&In-Reply-To=%3C20110411123920.GX21938%40mars-attacks.org%3E"
+       TITLE="[Mageia-sysadm] Users authentication on forums">boklm at mars-attacks.org
+       </A><BR>
+    <I>Mon Apr 11 14:39:20 CEST 2011</I>
+    <P><UL>
+        <LI>Previous message: <A HREF="003335.html">[Mageia-sysadm] multiple builds on each nodes
+</A></li>
+        <LI>Next message: <A HREF="003330.html">[Mageia-sysadm] Users authentication on forums
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#3328">[ date ]</a>
+              <a href="thread.html#3328">[ thread ]</a>
+              <a href="subject.html#3328">[ subject ]</a>
+              <a href="author.html#3328">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>Hello,
+
+For authentication on the forums, we are currently using ldap. The user
+sends his login and passwords to phpbb which use it to authenticate on
+ldap server. Because of this, someone with root access on the forums
+server can access password of any user connecting to the forums. And
+because important passwords are transfered, the connection needs to be
+in SSL, so the *.mageia.org certificate also needs to be installed. So
+access to the server needs to be restricted to sysadmin team only, who
+also need to be able to check what is being done on forums, check it is
+secure, etc ... And I think this makes forums admins not happy.
+
+As we are using ldap for authentication only (not for groups or anything
+else), I think we could do authentication differently. Maybe we could
+setup a mageia OpenID server linked to the ldap server. Then on the
+forums use OpenID for authentication, when a user enter his login on
+the forums he is redirected to the mageia OpenID authentication page
+for the login entered. Then we can disable https on the forums, and
+forum admins can be root on the forums server. And passwords are better
+protected in case phpbb has a vulnerability.
+
+Sysadmin team would manage openid server. And forum team would manage
+forums server.
+
+I've seen this project for phpbb3 openid authentication (I didn't check
+if there are others) :
+<A HREF="http://sourceforge.net/projects/phpbb-openid/">http://sourceforge.net/projects/phpbb-openid/</A>
+
+Login form looks like this :
+<A HREF="http://sourceforge.net/dbimage.php?id=91989">http://sourceforge.net/dbimage.php?id=91989</A>
+We would need to modify it to remove Username/Password. Replace &quot;OpenID&quot;
+with &quot;Mageia login&quot; and automatically use Mageia OpenID server with the
+login entered. So that each account on the forum is still linked to a
+Mageia account.
+
+What do you think ?
+
+</PRE>
+
+
+
+
+
+
+
+
+
+
+
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	<LI>Previous message: <A HREF="003335.html">[Mageia-sysadm] multiple builds on each nodes
+</A></li>
+	<LI>Next message: <A HREF="003330.html">[Mageia-sysadm] Users authentication on forums
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#3328">[ date ]</a>
+              <a href="thread.html#3328">[ thread ]</a>
+              <a href="subject.html#3328">[ subject ]</a>
+              <a href="author.html#3328">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
+mailing list</a><br>
+</body></html>