1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5BLONG%5D%20sympa%20%28%20and%20web%20apps%20%29%0A%09ldap%09authentication&In-Reply-To=%3C20101125195407.GR7479%40virgo.home.nanardon.zarb.org%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000945.html">
<LINK REL="Next" HREF="000948.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication</H1>
<B>Olivier Thauvin</B>
<A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20%5BLONG%5D%20sympa%20%28%20and%20web%20apps%20%29%0A%09ldap%09authentication&In-Reply-To=%3C20101125195407.GR7479%40virgo.home.nanardon.zarb.org%3E"
TITLE="[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication">nanardon at nanardon.zarb.org
</A><BR>
<I>Thu Nov 25 20:54:09 CET 2010</I>
<P><UL>
<LI>Previous message: <A HREF="000945.html">[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication
</A></li>
<LI>Next message: <A HREF="000948.html">[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#947">[ date ]</a>
<a href="thread.html#947">[ thread ]</a>
<a href="subject.html#947">[ subject ]</a>
<a href="author.html#947">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>* Romain d'Alverny (<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">rdalverny at gmail.com</A>) wrote:
><i> On Thu, Nov 25, 2010 at 18:54, Michael Scherer <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">misc at zarb.org</A>> wrote:
</I>><i> > Le jeudi 25 novembre 2010 à 10:50 +0100, Buchan Milne a écrit :
</I>><i> > My point is that we should be consistent. Ie, if we start using
</I>><i> > sometimes a username, sometimes a email ( and well, I must say "one of
</I>><i> > the numerous email people have", because I am pretty sure that I am not
</I>><i> > the only one to have more than 1 email ), this will be annoying.
</I>><i>
</I>><i> When we set up my.mandriva.com back in 2005, using the email address
</I>><i> instead of login to authenticate has been a big improvement: way less
</I>><i> contacts from people saying "I forgot my username" or trying to
</I>><i> re-register with an already used email address and a different login
</I>><i> (and then failing to do so).
</I>><i>
</I>><i> In this case, it may be that the cognitive effort to remember an email
</I>><i> address one already uses regularly is easier than the one to remember
</I>><i> a username that one may use only to authenticate (actually, that was
</I>><i> the hypothesis back at the time).
</I>
It is possible to include in catdap a way to receive a reminder about
users informations from a email.
But the usage of email as login in my.mdv also make my life harder since
I never remember which one of my 5 emails was used (the same issue apply
on other website). The worst happend when I had to change my email
address because it had to disappear.
User must be able to change their email address. Changing the login will
probaby have side effect, so using email as login is probably a bad
idea.
><i> > We cannot use email everywhere, since some services do not support it
</I>><i> > ( svn+ssh will not accept it, no @ in username IIRC, neither would the
</I>><i> > current buildsystem ). And doing translation will be source of
</I>><i> > confusion.
</I>><i>
</I>><i> Yes, that's a drawback, but an acceptable one I think:
</I>><i> * only for people that will use code repositories and buildsystem; that is,
</I>><i> * you are not forced to allow user identification against a single
</I>><i> id; what you need is just something you know identifies the user for
</I>><i> sure (if the email unicity and ownership are both proven, that's a
</I>><i> pretty good hint). So you can both authenticate against email/pass and
</I>><i> login/pass (and even have several email/login for that, if they are
</I>><i> checked against first).
</I>
We can ensure unicity of login on our side because we have full control,
but nothing prevent to a company to give same email to several people,
or to give a previously used email address to a new employee.
If the account become important (sys admin, distrib manager), we then
cannot ensure who receive the information we send.
--
Olivier Thauvin
CNRS - LATMOS
♖ ♘ ♗ ♕ ♔ ♗ ♘ ♖
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: </pipermail/mageia-sysadm/attachments/20101125/7ae6acd8/attachment.asc>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000945.html">[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication
</A></li>
<LI>Next message: <A HREF="000948.html">[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#947">[ date ]</a>
<a href="thread.html#947">[ thread ]</a>
<a href="subject.html#947">[ subject ]</a>
<a href="author.html#947">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>
|
