Editing Task:Single sign-on/Status

Latest revision Your text
Line 1: Line 1:
This wiki page should give an update of the current status of the SSO implementation for the maemo.org components. The concept behind it and the reasons for the chosen implementation can be found here: [[Task:Single_sign-on]]
This wiki page should give an update of the current status of the SSO implementation for the maemo.org components. The concept behind it and the reasons for the chosen implementation can be found here: [[Task:Single_sign-on]]
-
 
-
== SSO Status meeting 23-07 ==
 
-
 
-
'''Wiki is fully integrated'''
 
-
* sign-in and sign-out
 
-
 
-
'''User information'''
 
-
*All editing interfaces should redirect to Midgard n.n.account
 
-
**Registration also happens there
 
-
*Niels has [[Task:Single_sign-on/Account_info_stored_in_ldap|documented]] what data we need to manage
 
-
**Add to the n.n.accounts DM2 schema
 
-
*When user is edited in Midgard we should push the data to backend
 
-
**which will notify other services
 
-
**done as MidCOM watcher in the org.maemo.cas component
 
-
 
-
'''User information exchange'''
 
-
*Web services on top of Midgard MVC (midgard2)
 
-
*PULL interface that services can poll
 
-
**Changes since transaction ID XX
 
-
*PUSH interface for notifying services about changes
 
-
**webhooks http://blog.webhooks.org/about/
 
-
*Implementation
 
-
**Additional software (on the same server as CAS?)
 
-
***midgard2
 
-
***mysql (for userdata storage)
 
-
**Midgard MVC component for providing the web services
 
-
***JSON as transfer medium
 
-
***SSL client cert authentication between services and the Midgard2 instance
 
-
**CAS talks directly to MySQL
 
-
***CAS needs just username and password in some table (encryption?)
 
-
**The protocol specification needed ASAP (Alexey)
 
-
***Look up similar implementations in other web services
 
-
 
== Discuss it! ==
== Discuss it! ==
-
If you have suggestions, ideas, comments or questions feel free to join [http://maemo.org/maemo-meeting/sso-meeting-2009-05-27.html #maemo-meeting, 27.05. 12:00 UTC]
+
If you have suggestions, ideas, comments or questions feel free to join #maemo-meeting, 27.05. 12:00 UTC
-
 
+
-
=== In short - the main results of the meeting ===
+
-
 
+
-
Besides a general status update, here in a few words the main results of the meeting:
+
-
 
+
-
==== User management ====
+
-
* Centralised in one component
+
-
* Implemented on top of Midgard
+
-
** Infrastructure and UI already there
+
-
** Only modifications instead of rebuild from scratch
+
-
* Stored in a LDAP directory
+
-
* Applications...
+
-
** ...request the data from the user management system
+
-
** ...still have there own, local database
+
-
** ...offer endpoint, which can be pinged by the user management system to inform, that user data has been changed
+
-
 
+
-
==== Data merging ====
+
-
* First proposal 2-way merge, but problem with talk, as mostly different from the rest
+
-
* Better (or additionally): First login into new system request user to specify user names and passwords of all components and merge them under the new account
+
-
 
+
-
==== Keep informed ====
+
-
Here, in the monthly [[Maemo.org_Sprints/May_09|sprints]] and on my [http://danielwilms.wordpress.com blog] you can get always the newest information on the topic. In a couple of weeks we will meet again to discuss the status. I hope there will be a lively discussion in the meanwhile to get new ideas, comments and suggestions.
+
== Test environment setup ==
== Test environment setup ==
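Review bot: undoing this revision deletes the whole "== SSO Status meeting 23-07 ==" section, and with it the only lines in this diff that record the planned protection of the user-data web services ("SSL client cert authentication between services and the Midgard2 instance") and the still-open question of how the CAS username/password table in MySQL is protected ("encryption?"). If the intent is only to change the "Discuss it!" text, restrict the edit to that section and keep the 23-07 notes. The "+" version of the "#maemo-meeting, 27.05. 12:00 UTC" line also drops the link to the meeting log, which should stay so readers can trace the decisions.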
Line 81: Line 26:
* CAS authentication integrated
* CAS authentication integrated
* User can log in and logout using CAS
* User can log in and logout using CAS
-
* Single sign-out now working
 
Line 94: Line 38:
* Applications could request data from it
* Applications could request data from it
* Right now just a UI as a user registry
* Right now just a UI as a user registry
 +
== Issues ==
== Issues ==
 +
* ISSUE: Wiki: no anonymous reading allowed right now
* ISSUE: LDAP/registry not over secure connection
* ISSUE: LDAP/registry not over secure connection
 +
* ISSUE: Single sign out not implemented yet for wiki
 +
== Next steps ==
== Next steps ==
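Review bot: the added "* ISSUE: Single sign out not implemented yet for wiki" line reopens an issue that the latest revision reports as done ("* Single sign-out now working" is removed in the hunk at Line 81). Confirm which state is true before saving: if single sign-out works, leave this issue out; if it has regressed, say so in the edit summary rather than silently restoring the old list. The unchanged "* ISSUE: LDAP/registry not over secure connection" line stays open either way and is worth keeping at the top of the list.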
Line 120: Line 68:
*** Web UI for user
*** Web UI for user
*** REST API for applications
*** REST API for applications
-
 
-
[[Category:Tasks]]
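Review bot: removing "[[Category:Tasks]]" at the end of the page takes this status page out of the Tasks category, which looks like a side effect of the undo rather than an intended change. Keep the category line.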
 
