Task:Single sign-on/Status

This wiki page should give an update of the current status of the SSO implementation for the maemo.org components. The concept behind it and the reasons for the chosen implementation can be found here: Task:Single_sign-on

Contents

Discuss it!

If you have suggestions, ideas, comments or questions feel free to join #maemo-meeting, 27.05. 12:00 UTC

Test environment setup

Here you find the current status of the test environment. It is not meant for testing, but it should inform about the status right now.

Image:Architecture_test_envi.jpg

Authentication Server

  • Instance of CAS running on the test server
  • Apache Tomcat used as servlet container
  • Secure connection
  • self signed certificate used for testing purposes
  • LDAP directory used for user authentication (running on virtual machine)


Mediawiki

  • Instance of mediawiki running on the test server
  • Apache web server used to host the wiki
  • CAS authentication integrated
  • User can log in and logout using CAS


GForge

  • Instance hosted by apache web server running in test environment
  • Integration ongoing


User Management System

  • Abstracted of the others components
  • Should contain all the user related data
  • Applications could request data from it
  • Right now just a UI as a user registry


Issues

  • ISSUE: Wiki: no anonymous reading allowed right now
  • ISSUE: LDAP/registry not over secure connection
  • ISSUE: Single sign out not implemented yet for wiki


Next steps

  • Full integration of GForge
  • Concept user data management -> apart from CAS
    • Merging of different userdatabases (bugzilla, talk, midgard)
  • Midgard integration
  • Getting Wiki, Midgard, GForge in a shape for public testing


Future Plans

  • integration of bugzilla, talk


Open Questions

  • How should the application get the data from the user management system
    • First possibility:
      • Just UI to register user and update data
      • Other components get data by LDAP-access
    • Second idea:
      • Web UI for user
      • REST API for applications