summaryrefslogtreecommitdiffstats
path: root/zarb-ml/mageia-sysadm/2011-April/003328.html
diff options
context:
space:
mode:
authorNicolas Vigier <boklm@mageia.org>2013-04-14 13:46:12 +0000
committerNicolas Vigier <boklm@mageia.org>2013-04-14 13:46:12 +0000
commit1be510f9529cb082f802408b472a77d074b394c0 (patch)
treeb175f9d5fcb107576dabc768e7bd04d4a3e491a0 /zarb-ml/mageia-sysadm/2011-April/003328.html
parentfa5098cf210b23ab4f419913e28af7b1b07dafb2 (diff)
downloadarchives-1be510f9529cb082f802408b472a77d074b394c0.tar
archives-1be510f9529cb082f802408b472a77d074b394c0.tar.gz
archives-1be510f9529cb082f802408b472a77d074b394c0.tar.bz2
archives-1be510f9529cb082f802408b472a77d074b394c0.tar.xz
archives-1be510f9529cb082f802408b472a77d074b394c0.zip
Add zarb MLs html archivesHEADmaster
Diffstat (limited to 'zarb-ml/mageia-sysadm/2011-April/003328.html')
-rw-r--r--zarb-ml/mageia-sysadm/2011-April/003328.html103
1 files changed, 103 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2011-April/003328.html b/zarb-ml/mageia-sysadm/2011-April/003328.html
new file mode 100644
index 000000000..f4e180c61
--- /dev/null
+++ b/zarb-ml/mageia-sysadm/2011-April/003328.html
@@ -0,0 +1,103 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+ <TITLE> [Mageia-sysadm] Users authentication on forums
+ </TITLE>
+ <LINK REL="Index" HREF="index.html" >
+ <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Users%20authentication%20on%20forums&In-Reply-To=%3C20110411123920.GX21938%40mars-attacks.org%3E">
+ <META NAME="robots" CONTENT="index,nofollow">
+ <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+ <LINK REL="Previous" HREF="003335.html">
+ <LINK REL="Next" HREF="003330.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+ <H1>[Mageia-sysadm] Users authentication on forums</H1>
+ <B>nicolas vigier</B>
+ <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Users%20authentication%20on%20forums&In-Reply-To=%3C20110411123920.GX21938%40mars-attacks.org%3E"
+ TITLE="[Mageia-sysadm] Users authentication on forums">boklm at mars-attacks.org
+ </A><BR>
+ <I>Mon Apr 11 14:39:20 CEST 2011</I>
+ <P><UL>
+ <LI>Previous message: <A HREF="003335.html">[Mageia-sysadm] multiple builds on each nodes
+</A></li>
+ <LI>Next message: <A HREF="003330.html">[Mageia-sysadm] Users authentication on forums
+</A></li>
+ <LI> <B>Messages sorted by:</B>
+ <a href="date.html#3328">[ date ]</a>
+ <a href="thread.html#3328">[ thread ]</a>
+ <a href="subject.html#3328">[ subject ]</a>
+ <a href="author.html#3328">[ author ]</a>
+ </LI>
+ </UL>
+ <HR>
+<!--beginarticle-->
+<PRE>Hello,
+
+For authentication on the forums, we are currently using ldap. The user
+sends his login and passwords to phpbb which use it to authenticate on
+ldap server. Because of this, someone with root access on the forums
+server can access password of any user connecting to the forums. And
+because important passwords are transfered, the connection needs to be
+in SSL, so the *.mageia.org certificate also needs to be installed. So
+access to the server needs to be restricted to sysadmin team only, who
+also need to be able to check what is being done on forums, check it is
+secure, etc ... And I think this makes forums admins not happy.
+
+As we are using ldap for authentication only (not for groups or anything
+else), I think we could do authentication differently. Maybe we could
+setup a mageia OpenID server linked to the ldap server. Then on the
+forums use OpenID for authentication, when a user enter his login on
+the forums he is redirected to the mageia OpenID authentication page
+for the login entered. Then we can disable https on the forums, and
+forum admins can be root on the forums server. And passwords are better
+protected in case phpbb has a vulnerability.
+
+Sysadmin team would manage openid server. And forum team would manage
+forums server.
+
+I've seen this project for phpbb3 openid authentication (I didn't check
+if there are others) :
+<A HREF="http://sourceforge.net/projects/phpbb-openid/">http://sourceforge.net/projects/phpbb-openid/</A>
+
+Login form looks like this :
+<A HREF="http://sourceforge.net/dbimage.php?id=91989">http://sourceforge.net/dbimage.php?id=91989</A>
+We would need to modify it to remove Username/Password. Replace &quot;OpenID&quot;
+with &quot;Mageia login&quot; and automatically use Mageia OpenID server with the
+login entered. So that each account on the forum is still linked to a
+Mageia account.
+
+What do you think ?
+
+</PRE>
+
+
+
+
+
+
+
+
+
+
+
+
+<!--endarticle-->
+ <HR>
+ <P><UL>
+ <!--threads-->
+ <LI>Previous message: <A HREF="003335.html">[Mageia-sysadm] multiple builds on each nodes
+</A></li>
+ <LI>Next message: <A HREF="003330.html">[Mageia-sysadm] Users authentication on forums
+</A></li>
+ <LI> <B>Messages sorted by:</B>
+ <a href="date.html#3328">[ date ]</a>
+ <a href="thread.html#3328">[ thread ]</a>
+ <a href="subject.html#3328">[ subject ]</a>
+ <a href="author.html#3328">[ author ]</a>
+ </LI>
+ </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
+mailing list</a><br>
+</body></html>