From warmerdam at pobox.com Thu Jul 5 10:03:54 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Thu Jul 5 10:04:09 2007
Subject: [SAC] Trac Spam
Message-ID: <468CFA4A.4070002@pobox.com>
Folks,
I see the trac-spammers have found the OSGeo trac instance. The last
couple anonymous changes to the following include hidden link spam.
http://trac.osgeo.org/osgeo/ticket/1
I have disabled anonymous ticket creation and modification on the osgeo
trac instance. Let me know if a different solution seems more appropriate.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From warmerdam at pobox.com Fri Jul 6 10:49:12 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Fri Jul 6 10:49:04 2007
Subject: [SAC] Trac Spam
Message-ID: <468E5668.70702@pobox.com>
Folks,
The Trac Spammers have found our Trac instances and are actively spamming
those that allow anonymous ticket creation and modification. For example
this recent spam on the Mapbender trac instance:
Changes (by anonymous):
* cc: mapbender_dev@lists.osgeo.org (removed)
* cc: None (added)
* component: core => print
* summary: Titled GUIs (new zebra) => None
* version: 2.4.1 => 2.1
* milestone: => Support usage of Styled Layer Descriptors (SLD)
* keywords: login, gui list => None
Comment:
{{{
#!html
Painter Interior design
}}}
Beyond the fact that our google karma is being redirected to serve
nefarious ends, there is also random damage being done to legitimate
trac tickets.
For the time being I have disabled anonymous ticket creation and
modification. Anyone wanting to submit or modify a ticket will now
need to login with an OSGeo userid. If this is contrary to the wishes
of the Mapbender PSC I (or Astrid or Christoph) can revert this change.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From christoph.baudson at wheregroup.com Wed Jul 11 07:28:22 2007
From: christoph.baudson at wheregroup.com (Christoph Baudson (WhereGroup))
Date: Wed Jul 11 07:29:33 2007
Subject: [SAC] Trac Spam
In-Reply-To: <468CFA4A.4070002@pobox.com>
References: <468CFA4A.4070002@pobox.com>
Message-ID: <4694BED6.2010103@wheregroup.com>
Hello,
Mapbender developer Michael Schulz informed us about a possible solution
(via captcha images). This is in develeopment, see
http://trac.edgewall.org/browser/sandbox/spam-filter-captcha
This way anonymous ticket creation would still be possible. Maybe we
should keep an eye on the development.
Cheers
Christoph
Frank Warmerdam schrieb:
> Folks,
>
> I see the trac-spammers have found the OSGeo trac instance. The last
> couple anonymous changes to the following include hidden link spam.
>
> http://trac.osgeo.org/osgeo/ticket/1
>
> I have disabled anonymous ticket creation and modification on the osgeo
> trac instance. Let me know if a different solution seems more appropriate.
>
> Best regards,
From warmerdam at pobox.com Wed Jul 11 10:57:44 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Wed Jul 11 10:32:23 2007
Subject: [SAC] Trac Spam
In-Reply-To: <4694BED6.2010103@wheregroup.com>
References: <468CFA4A.4070002@pobox.com> <4694BED6.2010103@wheregroup.com>
Message-ID: <4694EFE8.7010401@pobox.com>
Christoph Baudson (WhereGroup) wrote:
> Hello,
>
> Mapbender developer Michael Schulz informed us about a possible solution
> (via captcha images). This is in develeopment, see
>
> http://trac.edgewall.org/browser/sandbox/spam-filter-captcha
>
> This way anonymous ticket creation would still be possible. Maybe we
> should keep an eye on the development.
Christoph,
I have added a note about this on the SAC Trac page:
http://wiki.osgeo.org/index.php/Trac_Instances
I'm always a bit leery about adding plugins to our Trac instances as each
one is likely to make future upgrades more complex. But if it is needed
this might be worthwhile (when ready).
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From trac_osgeo at osgeo.org Sat Jul 14 10:36:29 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Sat Jul 14 10:36:31 2007
Subject: [SAC] [OSGeo] #125: File upload capability for web docs
Message-ID: <042.088193082f56bf7e6104a677399327e7@osgeo.org>
#125: File upload capability for web docs
----------------------+-----------------------------------------------------
Reporter: tmitchell | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: normal | Component: SAC
Keywords: |
----------------------+-----------------------------------------------------
After discussing with Bob, we can to the conclusion that the best way to
handle the MapGuide and FDO massive doc folders is to have some way of
being able to upload all these mega files to the www.osgeo.org server -
instead of the currently annoying task of managing them in SVN.
His team would only need access to one folder via something like WebDav
(or ftp) to be able to upload their computer generated docs for their html
api browser. I thought of WebDav because it will already be included in
Apache and is really easy to setup and could optionally use our LDAP.
This document management issue exists for others too, not just MapGuide
and FDO, but some of the committees have many large files scattered about
that are not good to manage through simplistic web forms. So a general
solution built on LDAP would be ideal.
Any thoughts? What do others think?
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From trac_osgeo at osgeo.org Sat Jul 14 10:37:27 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Sat Jul 14 10:37:28 2007
Subject: [SAC] Re: [OSGeo] #125: File upload capability for web docs
In-Reply-To: <042.088193082f56bf7e6104a677399327e7@osgeo.org>
References: <042.088193082f56bf7e6104a677399327e7@osgeo.org>
Message-ID: <051.9a0631b75c2712c6a3cce0aaf5f795f3@osgeo.org>
#125: File upload capability for web docs
------------------------+---------------------------------------------------
Reporter: tmitchell | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: normal | Component: SAC
Resolution: | Keywords:
------------------------+---------------------------------------------------
Comment (by tmitchell):
Here is a brief howto on WebDAV and LDAP:
http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/
Apache-WebDAV-LDAP-HOWTO.html
I can give it a try setting it up if others are busy.
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From trac_osgeo at osgeo.org Sat Jul 14 10:50:43 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Sat Jul 14 10:50:44 2007
Subject: [SAC] [OSGeo] #126: mysql binary logs filling disk
Message-ID: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
#126: mysql binary logs filling disk
----------------------+-----------------------------------------------------
Reporter: warmerdam | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: major | Component: SAC
Keywords: |
----------------------+-----------------------------------------------------
On www.osgeo.org the mysql binary logs in /var/lib/mysql have grown to
175GB, filling the disks.
It seems these logs are described at:
http://dev.mysql.com/doc/refman/5.0/en/binary-log.html
I have purged some older logs by issuing the following mysql command:
purge master logs before '2007-06-01';
But I think we need to figure out why the logs are so huge, whether we
even need them, and how to purge them more appropriately. According to
notes in the purge command docs you can set an automatic purge limit in
your mysql.cnf file using the expire_log_days keyword.
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From sbarnes at dmsolutions.ca Mon Jul 16 10:00:57 2007
From: sbarnes at dmsolutions.ca (shawn barnes)
Date: Mon Jul 16 10:00:59 2007
Subject: [SAC] [Fwd: Re: [OSGeo] #125: File upload capability for web docs]
Message-ID: <469B7A19.9000204@dmsolutions.ca>
-------- Original Message --------
From: - Mon Jul 16 09:59:50 2007
X-Account-Key: account3
X-UIDL: UID6612-1177937410
X-Mozilla-Status: 0011
X-Mozilla-Status2: 00000000
Return-Path:
Received: from gate7.r3.iad.emailsrvr.com (gate7.r3.iad.emailsrvr.com
[192.168.1.48]) by mail47a.mail.iad.mlsrvr.com (SMTP Server) with
ESMTP id B9EB6E43EF for ; Mon, 16 Jul 2007
09:59:30 -0400 (EDT)
Received: from gate10.gate.sat.mlsrvr.com (gate.sat.emailsrvr.com
[66.216.121.101]) by gate7.r3.iad.emailsrvr.com (SMTP Server) with
ESMTP id 96B9544D233 for ; Mon, 16 Jul 2007
09:59:30 -0400 (EDT)
X-Virus-Scanned: OK
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=0 tagged_above=-100 required=6 tests=[none]
X-Originating-Ip: [66.223.95.242]
Received: from lists.osgeo.org (lists.osgeo.org [66.223.95.242]) by
gate10.gate.sat.mlsrvr.com (SMTP Server) with ESMTP id 81AA15B001E for
; Mon, 16 Jul 2007 09:59:29 -0400 (EDT)
Received: from osgeo1.osgeo.org (localhost.localdomain [127.0.0.1]) by
lists.osgeo.org (Postfix) with ESMTP id 1A7E9E00E93; Mon, 16 Jul 2007
09:59:29 -0400 (EDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
From: OSGeo
Sender: trac_osgeo@osgeo.org
X-Trac-Version: 0.10.3.1
X-Mailer: Trac 0.10.3.1, by Edgewall Software
X-Trac-Project: OSGeo
Date: Mon, 16 Jul 2007 13:59:29 -0000
Reply-To: warmerdam@pobox.com
X-URL: http://www.osgeo.org/
Subject: Re: [OSGeo] #125: File upload capability for web docs
X-Trac-Ticket-URL: http://trac.osgeo.org/osgeo/ticket/125#comment:2
Message-ID: <051.b91fc5a2315cafe9b6cacc9b3933cf91@osgeo.org>
References: <042.088193082f56bf7e6104a677399327e7@osgeo.org>
X-Trac-Ticket-ID: 125
In-Reply-To: <042.088193082f56bf7e6104a677399327e7@osgeo.org>
To: undisclosed-recipients:;
#125: File upload capability for web docs
------------------------+---------------------------------------------------
Reporter: tmitchell | Owner: sbarnes
Type: task | Status: assigned
Priority: normal | Component: SAC
Resolution: | Keywords:
------------------------+---------------------------------------------------
Changes (by sbarnes):
* status: new => assigned
* owner: sac@lists.osgeo.org => sbarnes
Comment:
Tyler, i can set this up. Do you know what the expected url to these
files should be?
shawn
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From warmerdam at pobox.com Thu Jul 19 11:45:10 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Thu Jul 19 11:45:04 2007
Subject: [SAC] mysql binary logs
Message-ID: <469F8706.1000204@pobox.com>
Folks,
Does anyone know mysql fairly well, and have thoughts on the need for, and
value of the mysql binary logs on www.osgeo.org? This is the issue described
in:
http://trac.osgeo.org/osgeo/ticket/126
If you do, please add a note, or take over the ticket. If not, I'll just
configure things to keep the logs for only a couple days. But I do feel that
there is stuff at issue here that I don't really understand too well.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From trac_osgeo at osgeo.org Thu Jul 19 11:56:06 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Thu Jul 19 11:56:07 2007
Subject: [SAC] Re: [OSGeo] #126: mysql binary logs filling disk
In-Reply-To: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
References: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
Message-ID: <051.26b3d009780694c8c056591a04065e08@osgeo.org>
#126: mysql binary logs filling disk
------------------------+---------------------------------------------------
Reporter: warmerdam | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: major | Component: SAC
Resolution: | Keywords:
------------------------+---------------------------------------------------
Comment (by sbarnes):
The original reason for using binary logs is for doing incremental backups
via mysql Zamanda Recovery tool. Binary logs are a requirment for the
tool.
http://mysqlbackup.zmanda.com/index.php/Quick_start_example
I'm not married to this tool if anyone has a better suggestion.
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From trac_osgeo at osgeo.org Thu Jul 19 12:32:19 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Thu Jul 19 12:32:21 2007
Subject: [SAC] Re: [OSGeo] #126: mysql binary logs filling disk
In-Reply-To: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
References: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
Message-ID: <051.fc6790120a472ee448630d4af05f9f96@osgeo.org>
#126: mysql binary logs filling disk
------------------------+---------------------------------------------------
Reporter: warmerdam | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: major | Component: SAC
Resolution: | Keywords:
------------------------+---------------------------------------------------
Comment (by warmerdam):
Shawn,
Is Zamanda backup in place for mysql? How long do the binary logs need to
be kept around?
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From trac_osgeo at osgeo.org Thu Jul 19 12:41:18 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Thu Jul 19 12:41:20 2007
Subject: [SAC] Re: [OSGeo] #126: mysql binary logs filling disk
In-Reply-To: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
References: <042.68c4243b6b834e498eaf5cb003098e62@osgeo.org>
Message-ID: <051.9ca6b49c8f5ba5c2421f3ce49796cb6c@osgeo.org>
#126: mysql binary logs filling disk
------------------------+---------------------------------------------------
Reporter: warmerdam | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: major | Component: SAC
Resolution: | Keywords:
------------------------+---------------------------------------------------
Comment (by sbarnes):
Frank,
Yes, Zamanda is running. The binary logs have to be kept as long as we
keep the backup, we can set the number of days to whatever we want.
Right now zamanda keeps logs for 1 week. So we can purge the binary logs
older than one week.
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From arnulf.christl at wheregroup.com Sat Jul 21 06:48:31 2007
From: arnulf.christl at wheregroup.com (Arnulf Christl (OSGeo))
Date: Sat Jul 21 06:49:45 2007
Subject: [SAC] Re: [Mapbender-dev] Trac Spam
In-Reply-To: <468E5668.70702@pobox.com>
References: <468E5668.70702@pobox.com>
Message-ID: <52923.192.168.0.5.1185014911.squirrel@center>
On Fri, July 6, 2007 16:49, Frank Warmerdam wrote:
> Folks,
>
> The Trac Spammers have found our Trac instances and are actively spamming
> those that allow anonymous ticket creation and modification. For example
> this recent spam on the Mapbender trac instance:
>
> Changes (by anonymous):
>
> * cc: mapbender_dev@lists.osgeo.org (removed)
> * cc: None (added)
> * component: core => print
> * summary: Titled GUIs (new zebra) => None
> * version: 2.4.1 => 2.1
> * milestone: => Support usage of Styled Layer Descriptors (SLD)
> * keywords: login, gui list => None
>
> Comment:
>
> {{{
> #!html
> painter.bravehost.com/map.html>Painter design.bravehost.com/map.html>Interior design
> }}}
>
> Beyond the fact that our google karma is being redirected to serve
> nefarious ends, there is also random damage being done to legitimate
> trac tickets.
>
> For the time being I have disabled anonymous ticket creation and
> modification. Anyone wanting to submit or modify a ticket will now
> need to login with an OSGeo userid. If this is contrary to the wishes
> of the Mapbender PSC I (or Astrid or Christoph) can revert this change.
>
> Best regards,
This is probably the best solution, thank you for making these changes. We
will launch some information to this regard to the Mapbender users.
Bets regards,
--
Arnulf Benno Christl
http://www.osgeo.org
(OSGeo Board Member)
+50.7342N +7.0707E
From warmerdam at pobox.com Tue Jul 24 23:56:40 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Tue Jul 24 23:56:06 2007
Subject: [SAC] Re: create account page
In-Reply-To: <04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org>
References: <50A490EF-76D9-42A4-A54B-7E9325A03E67@connect.carleton.ca>
<46A6137C.1080404@pobox.com>
<04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org>
Message-ID: <46A6C9F8.1070509@pobox.com>
Tyler Mitchell (OSGeo) wrote:
> Scott - you can change your settings here:
> https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py
>
> Frank,
> Scott is talking about how his name appears in the Moodle example. I
> matched the LDAP "common name" attribute to the common name property in
> the moodle profile. There is a cn and ln (last name) attribute in the
> directory, which I thought made sense to use. Having full name put into
> the cn attribute is kind weird, we cannot then, programmatically know
> what their first and last names are. Can you change the new user form
> to say "Given Name" instead? I think it will be much more useful in the
> long run.
Tyler,
All the "cn" values were set to the full name in the LDAP server when
it was pre-populated by Shawn in January. I've just kept the pattern.
I'm not unwilling to change, but I think it should be discussed somewhat
more widely first (cc:ing SAC for that).
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From tmitchell at osgeo.org Wed Jul 25 00:27:24 2007
From: tmitchell at osgeo.org (Tyler Mitchell (OSGeo))
Date: Wed Jul 25 00:27:39 2007
Subject: [SAC] Re: create account page
In-Reply-To: <46A6C9F8.1070509@pobox.com>
References: <50A490EF-76D9-42A4-A54B-7E9325A03E67@connect.carleton.ca>
<46A6137C.1080404@pobox.com>
<04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org>
<46A6C9F8.1070509@pobox.com>
Message-ID: <02A52888-A2D5-43D1-ABB6-1C86C6256829@osgeo.org>
On 24-Jul-07, at 8:56 PM, Frank Warmerdam wrote:
> All the "cn" values were set to the full name in the LDAP server when
> it was pre-populated by Shawn in January. I've just kept the pattern.
> I'm not unwilling to change, but I think it should be discussed
> somewhat
> more widely first (cc:ing SAC for that).
No problem, I understand.
I think "common name" (cn) should mean "first name" not "full name".
In some of the apps that are calling from LDAP we get stuck in a
pickle because we actually have no first name attribute to populate
user profiles with. I don't see any reason to have a full name
attribute - does anyone else?
Tyler
From sbarnes at dmsolutions.ca Wed Jul 25 08:47:52 2007
From: sbarnes at dmsolutions.ca (shawn barnes)
Date: Wed Jul 25 08:47:55 2007
Subject: [SAC] Re: create account page
In-Reply-To: <02A52888-A2D5-43D1-ABB6-1C86C6256829@osgeo.org>
References: <50A490EF-76D9-42A4-A54B-7E9325A03E67@connect.carleton.ca> <46A6137C.1080404@pobox.com> <04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org> <46A6C9F8.1070509@pobox.com>
<02A52888-A2D5-43D1-ABB6-1C86C6256829@osgeo.org>
Message-ID: <46A74678.2040109@dmsolutions.ca>
There is a firstname attribute but, it is called givenName.
The minimal attributes that were originally populated are,
givenName -> firstname
sn -> lastname
cn -> firstname lastname
mail -> email
uid
userPassword
shawn
Tyler Mitchell (OSGeo) wrote:
>
> On 24-Jul-07, at 8:56 PM, Frank Warmerdam wrote:
>> All the "cn" values were set to the full name in the LDAP server when
>> it was pre-populated by Shawn in January. I've just kept the pattern.
>> I'm not unwilling to change, but I think it should be discussed somewhat
>> more widely first (cc:ing SAC for that).
>
> No problem, I understand.
>
> I think "common name" (cn) should mean "first name" not "full name". In
> some of the apps that are calling from LDAP we get stuck in a pickle
> because we actually have no first name attribute to populate user
> profiles with. I don't see any reason to have a full name attribute -
> does anyone else?
>
> Tyler
> _______________________________________________
> Sac mailing list
> Sac@lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/sac
>
From tmitchell at osgeo.org Wed Jul 25 10:27:14 2007
From: tmitchell at osgeo.org (Tyler Mitchell (OSGeo))
Date: Wed Jul 25 10:27:26 2007
Subject: [SAC] Re: create account page
In-Reply-To: <46A74678.2040109@dmsolutions.ca>
References: <50A490EF-76D9-42A4-A54B-7E9325A03E67@connect.carleton.ca> <46A6137C.1080404@pobox.com> <04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org> <46A6C9F8.1070509@pobox.com>
<02A52888-A2D5-43D1-ABB6-1C86C6256829@osgeo.org>
<46A74678.2040109@dmsolutions.ca>
Message-ID:
On 25-Jul-07, at 5:47 AM, shawn barnes wrote:
> There is a firstname attribute but, it is called givenName.
> The minimal attributes that were originally populated are,
>
> givenName -> firstname
> sn -> lastname
> cn -> firstname lastname
> mail -> email
> uid
> userPassword
So, Frank, it's safe to say that givenName attribute has not been
populated as there is no form field for it in the sign up page?
From warmerdam at pobox.com Wed Jul 25 10:40:54 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Wed Jul 25 10:40:34 2007
Subject: [SAC] Re: create account page
In-Reply-To:
References: <50A490EF-76D9-42A4-A54B-7E9325A03E67@connect.carleton.ca>
<46A6137C.1080404@pobox.com> <04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org>
<46A6C9F8.1070509@pobox.com>
<02A52888-A2D5-43D1-ABB6-1C86C6256829@osgeo.org>
<46A74678.2040109@dmsolutions.ca>
Message-ID: <46A760F6.4010403@pobox.com>
Tyler Mitchell (OSGeo) wrote:
>
> On 25-Jul-07, at 5:47 AM, shawn barnes wrote:
>
>> There is a firstname attribute but, it is called givenName.
>> The minimal attributes that were originally populated are,
>>
>> givenName -> firstname
>> sn -> lastname
>> cn -> firstname lastname
>> mail -> email
>> uid
>> userPassword
>
> So, Frank, it's safe to say that givenName attribute has not been
> populated as there is no form field for it in the sign up page?
Tyler,
That is correct. It is possible that givenName was set for a few
accounts created by hand but it is generally not set.
We have "cn" which is clearly the full name in LDAP usage, and
"sn" which is surname. I am hesitant to automatically populate
the givenName automatically because I don't think it is entirely
obvious what is the givenName in the cn field. Not all cultures
will have entered the "cn" as firstname lastname as we tend to.
Also the "cn" hasn't been populated all that consistently. Lots of
folks just put first name. Some have included honorifics, middle names,
first initials, etc.
Does Moodle really require a first name and a last name?
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From tmitchell at osgeo.org Wed Jul 25 11:08:27 2007
From: tmitchell at osgeo.org (Tyler Mitchell)
Date: Wed Jul 25 11:08:30 2007
Subject: [SAC] Re: create account page
In-Reply-To: <46A760F6.4010403@pobox.com>
References: <50A490EF-76D9-42A4-A54B-7E9325A03E67@connect.carleton.ca>
<46A6137C.1080404@pobox.com>
<04D9DC3B-2E92-4DF9-B5F2-2827B72EE0D4@osgeo.org>
<46A6C9F8.1070509@pobox.com>
<02A52888-A2D5-43D1-ABB6-1C86C6256829@osgeo.org>
<46A74678.2040109@dmsolutions.ca>
<46A760F6.4010403@pobox.com>
Message-ID:
I wouldn't worry about trying to programatically do anything. That
said, I'll gladly go through the directory and populate/fix any
entries...if there is a way I can do that.
I'd just like to see the field on the sign-up and edit forms you've
made. It's not just for moodle, but several apps I've been working
on.
On 7/25/07, Frank Warmerdam wrote:
> Tyler Mitchell (OSGeo) wrote:
> >
> > On 25-Jul-07, at 5:47 AM, shawn barnes wrote:
> >
> >> There is a firstname attribute but, it is called givenName.
> >> The minimal attributes that were originally populated are,
> >>
> >> givenName -> firstname
> >> sn -> lastname
> >> cn -> firstname lastname
> >> mail -> email
> >> uid
> >> userPassword
> >
> > So, Frank, it's safe to say that givenName attribute has not been
> > populated as there is no form field for it in the sign up page?
>
> Tyler,
>
> That is correct. It is possible that givenName was set for a few
> accounts created by hand but it is generally not set.
>
> We have "cn" which is clearly the full name in LDAP usage, and
> "sn" which is surname. I am hesitant to automatically populate
> the givenName automatically because I don't think it is entirely
> obvious what is the givenName in the cn field. Not all cultures
> will have entered the "cn" as firstname lastname as we tend to.
> Also the "cn" hasn't been populated all that consistently. Lots of
> folks just put first name. Some have included honorifics, middle names,
> first initials, etc.
>
> Does Moodle really require a first name and a last name?
>
> Best regards,
> --
> ---------------------------------------+--------------------------------------
> I set the clouds in motion - turn up | Frank Warmerdam,
> warmerdam@pobox.com
> light and sound - activate the windows | http://pobox.com/~warmerdam
> and watch the world go round - Rush | President OSGeo, http://osgeo.org
>
> _______________________________________________
> Sac mailing list
> Sac@lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/sac
>
From trac_osgeo at osgeo.org Thu Jul 26 10:26:20 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Thu Jul 26 10:26:21 2007
Subject: [SAC] [OSGeo] #128: Trac does not validate ids in CC and assign-to
fields
Message-ID: <044.250eecb483cbfd59d7ad55523b193975@osgeo.org>
#128: Trac does not validate ids in CC and assign-to fields
------------------------+---------------------------------------------------
Reporter: dmorissette | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: normal | Component: SAC
Keywords: |
------------------------+---------------------------------------------------
I have noticed that Trac doesn't validate the user ids set in the CC and
Assign-To fields of tickets. For instance, see the "abc" and "def" users
CC'd on this ticket.
As a result, we often end up CC'ing or assigning tickets to non-existent
users (either due to typos or to mistakes in guessing one's user id)...
and never get any feedback from that person since the notification never
made it home. This is a serious problem for projects (and a problem that
bugzilla didn't have since you could Assign-to or CC only registered users
in bugzilla).
I think Trac really needs to validate user ids and report errors as soon
as an invalid id is entered. Is this a Trac option that is not enabled on
our servers or a bug in Trac?
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From tmitchell at osgeo.org Sun Jul 29 00:25:35 2007
From: tmitchell at osgeo.org (Tyler Mitchell (OSGeo))
Date: Sun Jul 29 00:27:00 2007
Subject: [SAC] Install: Moodle, journal, conference systems
Message-ID:
Hi everyone, I've been testing out a few different systems that
various committees, projects, etc. pointed me to and am ready to
install them on osgeo1.
The applications in question are:
* Moodle: http://moodle.org/ - course management system for online
learning (for Edu Com), already in use by some EduCom curriculum
contributors, comes with good recommendation and familiarity by others.
* Open Conference System (OCS): http://pkp.sfu.ca/ocs/ (for
Conference Com), to improve committee level access for event
planning, session tracking, file management, maintaining a legacy of
conference information, etc. To serve minimally as an easy way to
handle preliminary planning, hosting some files, etc. Potentially as
a year-to-year system for tracking our main events.
* Open Journal System (OJS): http://pkp.sfu.ca/ojs/ (for Journal
project), to improve the set up, review, creation, publication,
indexing, etc. of OSGeo Journal. This is primarily a workflow
application that helps tie together various stages of journal
preparation.
All of the above are stable, mature projects built using, in our
case, MySQL and PHP. While it is theoretically possible to mirror
their functionality using custom Drupal development, I believe that
is not the best approach, nor feasible at this point in time. There
are others I've talked to that have a similar set up as ours, Drupal,
plus these other apps, plus LDAP and mediawiki.
They also all support LDAP. There is also some work going on to
supply a php-based single-sign-on for these projects. My experience
using them has also been positive - the systems are highly
responsive, easy to install and compact in size. But the biggest
impact will be when it has made it easier for others in our community
to maintain the content in their systems.
If anyone has any questions, concerns or issues they want to discuss
before I proceed on installation, please let me know. I would like
to start this soon.
Tyler
From crschmidt at metacarta.com Mon Jul 30 08:45:11 2007
From: crschmidt at metacarta.com (Christopher Schmidt)
Date: Mon Jul 30 08:45:04 2007
Subject: [SAC] Offering OpenID for OSGeo Users
Message-ID: <20070730124511.GA6462@metacarta.com>
One of the important pieces of the OSGeo infrastructure is the user ID.
It provides the ability for users to login with the same username and
password at various parts of the OSGeo site infrastructure.
There are now applications being developed by OSGeo users which require
login infrastructure. Thankfully, there is a distributed
login/authentication system: "OpenID: an actually distributed identity
system"[1]. OpenID allows you to enter a URL -- like
http://openid.osgeo.org/crschmidt -- into a form like the login form at
SpatialReference.org[2], to indicate your identity.
In an effort to make it easier to use OSGeo identities in a
distributable way, it would be possible to set up a PHP Standalone
OpenID Server[3] to authenticate against LDAP. You can see what sort of
interface this provides at a sample server I've set up[4].
Login as crschmidt:test. You can test logging in at
http://spatialreference.org/openid/, using
'http://crschmidt.net/~crschmidt/PHP-server-1.1/src/?user=crschmidt' as
your login.
I started playing with this last night, on geodata.telascience.org
(which can talk to the LDAP server). I think I'm actually pretty close
to getting it working, but I don't have root on the box, and the PHP
settings are to hide all errors, so I'm having a lot of trouble
debugging it. :)
Steps to getting this to work:
* Getting the error display for PHP truned on, so that the rest of the
system can be debugged in its current state. This may involve needing
root on some machine to install some packages -- I'm not sure yet.
More importantly, a PHP directory I can write to on some server that
can talk to LDAP is important
* Once the system is up and running, styling the templates to look like
the OSGeo homepage.
* Making profile editing links go directly to OSGeo pages, rather than
having any internal profile information.
* Cleaning up URLs, so that '/crschmidt' is used instead of
?user=crschmidt
* Making the 'this is the profile page for' pages have relevant
links:
http://crschmidt.net/~crschmidt/PHP-server-1.1/src/?user=crschmidt
I think that once that is done, the server would need to be put
someplace it could be at openid.osgeo.org, and documenting that OSGeo
IDs are now OpenIDs.
I'm willing to do all the work here, so long as someone gives me the
information on where I need to be doing the work so that I don't screw
anything up. :)
Looking forward to any thoughts.
[1] http://openid.net/
[2] http://spatialreference.org/openid/
[3] http://www.openidenabled.com/openid/php-standalone-openid-server/
[4] http://crschmidt.net/~crschmidt/PHP-server-1.1/src/
[5] http://geodata.telascience.org/geni/PHP-server-1.1/src/
Regards,
--
Christopher Schmidt
MetaCarta
From warmerdam at pobox.com Mon Jul 30 09:07:50 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Mon Jul 30 09:07:59 2007
Subject: [SAC] Offering OpenID for OSGeo Users
In-Reply-To: <20070730124511.GA6462@metacarta.com>
References: <20070730124511.GA6462@metacarta.com>
Message-ID: <46ADE2A6.6020800@pobox.com>
Christopher Schmidt wrote:
> In an effort to make it easier to use OSGeo identities in a
> distributable way, it would be possible to set up a PHP Standalone
> OpenID Server[3] to authenticate against LDAP.
...
> I started playing with this last night, on geodata.telascience.org
> (which can talk to the LDAP server). I think I'm actually pretty close
> to getting it working, but I don't have root on the box, and the PHP
> settings are to hide all errors, so I'm having a lot of trouble
> debugging it. :)
Chris,
I think providing openid access to ldap authentication sounds like
a good idea if you can be fairly certain that it isn't going to
introduce security problems. That is, are you pretty confident of
the stability of the PHP code used to implement this gateway?
Did you do this work referencing ldap.osgeo.org or the ldap used for
the telascience blades? I didn't think that the telascience blades
currently had access to ldap.osgeo.org at all but I could be behind
the times.
If you are actually working against the wrong ldap now I'd suggest
we give you a test.osgeo.org account (the secondary machine with
the same hardware configuration as www.osgeo.org) and you set it
up there, taking careful note of what would need to be moved.
The test.osgeo.org machine has access to ldap.osgeo.org, and is
configured quite similarly to the main machine so it should be easy
to migrate stuff over. Once completed, and migrated the
openid.osgeo.org would resolve to the main machine ... the same
system that has the ldap on it.
> Steps to getting this to work:
> * Getting the error display for PHP truned on, so that the rest of the
> system can be debugged in its current state. This may involve needing
> root on some machine to install some packages -- I'm not sure yet.
> More importantly, a PHP directory I can write to on some server that
> can talk to LDAP is important
> * Once the system is up and running, styling the templates to look like
> the OSGeo homepage.
We aren't really too good at standardized look and feel, and I'd
suggest that doing this for the openid stuff could be pretty low
priority.
> * Making profile editing links go directly to OSGeo pages, rather than
> having any internal profile information.
I gather you mean making use of forms like
https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py
Is that right?
> * Cleaning up URLs, so that '/crschmidt' is used instead of
> ?user=crschmidt
Is this within the PHP openid interface application?
> * Making the 'this is the profile page for' pages have relevant
> links:
> http://crschmidt.net/~crschmidt/PHP-server-1.1/src/?user=crschmidt
Are you suggesting that there should be an informational page
similar to ldap_edit_user.py? Or is this something you would
do within the openid php stuff?
> I'm willing to do all the work here, so long as someone gives me the
> information on where I need to be doing the work so that I don't screw
> anything up. :)
I'm willing to help a bit.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From trac_osgeo at osgeo.org Mon Jul 30 09:54:46 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Mon Jul 30 09:54:47 2007
Subject: [SAC] [OSGeo] #129: HTML-IRC Interface missing channels
Message-ID: <043.77aae6a0e6a16180f952eb2074a59a3c@osgeo.org>
#129: HTML-IRC Interface missing channels
---------------------------+------------------------------------------------
Reporter: tbaschetti | Owner: sac@lists.osgeo.org
Type: task | Status: new
Priority: normal | Component: SAC
Keywords: IRC, mapbender |
---------------------------+------------------------------------------------
The HTML-IRC interface at http://irc.telascience.org/ is missing channels
which have been there before, i.e. #mapbender
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From trac_osgeo at osgeo.org Mon Jul 30 10:13:37 2007
From: trac_osgeo at osgeo.org (OSGeo)
Date: Mon Jul 30 10:13:37 2007
Subject: [SAC] Re: [OSGeo] #129: HTML-IRC Interface missing channels
In-Reply-To: <043.77aae6a0e6a16180f952eb2074a59a3c@osgeo.org>
References: <043.77aae6a0e6a16180f952eb2074a59a3c@osgeo.org>
Message-ID: <052.76d843204a8ad00f22ed7d96e4c3a233@osgeo.org>
#129: HTML-IRC Interface missing channels
-------------------------+--------------------------------------------------
Reporter: tbaschetti | Owner: sac@lists.osgeo.org
Type: task | Status: closed
Priority: normal | Component: SAC
Resolution: fixed | Keywords: IRC, mapbender
-------------------------+--------------------------------------------------
Changes (by warmerdam):
* status: new => closed
* resolution: => fixed
Comment:
The irc.telascience.org stuff seems to have moved to a new system and been
reset-up. I think this was done by John after a hard death for the
previous hosting system.
I have logged in as root and added #mapbender,#mapguide,#fdo and
#foss4g2007.
For those with root on hypersphere the configuration file is:
/usr/local/apache2/cgi-bin/cgiirc.config
--
Ticket URL:
OSGeo
OSGeo committee and general foundation issue tracker.
From arnulf.christl at wheregroup.com Mon Jul 30 14:41:46 2007
From: arnulf.christl at wheregroup.com (Arnulf Christl)
Date: Mon Jul 30 14:43:02 2007
Subject: [SAC] Re: [Webcom] Install: Moodle, journal, conference systems
In-Reply-To:
References:
Message-ID: <33164.192.168.0.5.1185820906.squirrel@center>
On Sun, July 29, 2007 06:25, Tyler Mitchell (OSGeo) wrote:
> Hi everyone, I've been testing out a few different systems that
> various committees, projects, etc. pointed me to and am ready to install
> them on osgeo1.
>
> The applications in question are:
> * Moodle: http://moodle.org/ - course management system for online
> learning (for Edu Com), already in use by some EduCom curriculum
> contributors, comes with good recommendation and familiarity by others.
>
> * Open Conference System (OCS): http://pkp.sfu.ca/ocs/ (for
> Conference Com), to improve committee level access for event
> planning, session tracking, file management, maintaining a legacy of
> conference information, etc. To serve minimally as an easy way to handle
> preliminary planning, hosting some files, etc. Potentially as a
> year-to-year system for tracking our main events.
>
> * Open Journal System (OJS): http://pkp.sfu.ca/ojs/ (for Journal
> project), to improve the set up, review, creation, publication, indexing,
> etc. of OSGeo Journal. This is primarily a workflow application that
> helps tie together various stages of journal preparation.
>
> All of the above are stable, mature projects built using, in our
> case, MySQL and PHP. While it is theoretically possible to mirror their
> functionality using custom Drupal development, I believe that is not the
> best approach, nor feasible at this point in time. There are others I've
> talked to that have a similar set up as ours, Drupal, plus these other
> apps, plus LDAP and mediawiki.
>
> They also all support LDAP. There is also some work going on to
> supply a php-based single-sign-on for these projects. My experience using
> them has also been positive - the systems are highly responsive, easy to
> install and compact in size. But the biggest impact will be when it has
> made it easier for others in our community to maintain the content in
> their systems.
>
> If anyone has any questions, concerns or issues they want to discuss
> before I proceed on installation, please let me know. I would like to
> start this soon.
>
> Tyler
+1
Cool to all of them.
Oh, I must amend this to a +0 because a +1 would imply my being able to
help. Old and slow as I am I have trouble keeping up. We should discuss
operation of the new gadgets at FOSS4G. Can we have a WebCom f2f meeting
there?
Best regards,
Arnulf
From crschmidt at metacarta.com Mon Jul 30 18:50:20 2007
From: crschmidt at metacarta.com (Christopher Schmidt)
Date: Mon Jul 30 18:50:14 2007
Subject: [SAC] Offering OpenID for OSGeo Users
In-Reply-To: <46ADE2A6.6020800@pobox.com>
References: <20070730124511.GA6462@metacarta.com> <46ADE2A6.6020800@pobox.com>
Message-ID: <20070730225020.GA8195@metacarta.com>
On Mon, Jul 30, 2007 at 09:07:50AM -0400, Frank Warmerdam wrote:
> Christopher Schmidt wrote:
> >In an effort to make it easier to use OSGeo identities in a
> >distributable way, it would be possible to set up a PHP Standalone
> >OpenID Server[3] to authenticate against LDAP.
> ...
> >I started playing with this last night, on geodata.telascience.org
> >(which can talk to the LDAP server). I think I'm actually pretty close
> >to getting it working, but I don't have root on the box, and the PHP
> >settings are to hide all errors, so I'm having a lot of trouble
> >debugging it. :)
>
> Chris,
>
> I think providing openid access to ldap authentication sounds like
> a good idea if you can be fairly certain that it isn't going to
> introduce security problems. That is, are you pretty confident of
> the stability of the PHP code used to implement this gateway?
Certainly, insofar as the interaction with LDAP is concerned. The rest
of the code I'm less explicitly familiar with -- I've written the LDAP
integration myself, whereas the rest of it is existing code. However,
I've read through enough of it to feel reasonably confident --
certainly, I've read more of the code, percentagewise, than Drupal ;)
> Did you do this work referencing ldap.osgeo.org or the ldap used for
> the telascience blades? I didn't think that the telascience blades
> currently had access to ldap.osgeo.org at all but I could be behind
> the times.
The geodata.telascience one apparently does currently.
> The test.osgeo.org machine has access to ldap.osgeo.org, and is
> configured quite similarly to the main machine so it should be easy
> to migrate stuff over. Once completed, and migrated the
> openid.osgeo.org would resolve to the main machine ... the same
> system that has the ldap on it.
Is the existing test.osgeo.org server significantly different from
geodata.telascience.org? If so, is it likely to be in a way that
matters to me?
> >Steps to getting this to work:
> > * Getting the error display for PHP truned on, so that the rest of the
> > system can be debugged in its current state. This may involve needing
> > root on some machine to install some packages -- I'm not sure yet.
> > More importantly, a PHP directory I can write to on some server that
> > can talk to LDAP is important
> > * Once the system is up and running, styling the templates to look like
> > the OSGeo homepage.
>
> We aren't really too good at standardized look and feel, and I'd
> suggest that doing this for the openid stuff could be pretty low
> priority.
I understand that. I also think it's a flaw that I'd like to avoid with
the OpenID system :)
> > * Making profile editing links go directly to OSGeo pages, rather than
> > having any internal profile information.
>
> I gather you mean making use of forms like
>
> https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py
Yep. Or possibly just pulling the link out altogether. It's not clear
yet how much of the profile information I'll be able to use --
certainly, no profile information is required at all for OpenID support,
but some sites do support automated filling in of profile information
based on an OpenID extension, so if I can figure out how to get it
loaded into the PHP OpenID framework, that would be great.
> > * Cleaning up URLs, so that '/crschmidt' is used instead of
> > ?user=crschmidt
>
> Is this within the PHP openid interface application?
Yes, and/or the .htaccess controlling it.
> > * Making the 'this is the profile page for' pages have relevant
> > links:
> > http://crschmidt.net/~crschmidt/PHP-server-1.1/src/?user=crschmidt
>
> Are you suggesting that there should be an informational page
> similar to ldap_edit_user.py? Or is this something you would
> do within the openid php stuff?
This is, again, within the OpenID stuff: I just want the page
'http://openid.osgeo.org/crschmidt' to say something like:
"This is the OSGeo OpenID page for Christopher Schmidt. His OSGeo
account page is available on the main
osgeo site."
or something like that.
Thanks for the feedback!
Regards,
--
Christopher Schmidt
MetaCarta
From crschmidt at metacarta.com Tue Jul 31 02:20:20 2007
From: crschmidt at metacarta.com (Christopher Schmidt)
Date: Tue Jul 31 02:20:18 2007
Subject: [SAC] Dev OpenID Server up and running
Message-ID: <20070731062020.GA9341@metacarta.com>
So, I spent tonight and got the OpenID server up, running, and working,
so far as I can tell.
I've also got it styled like the OSGeo homepage.
http://geodata.telascience.org/openid/
When you login there, you're offered information on how to login with
your OpenID: Just use, for example,
http://geodata.telascience.org/openid/?user=crschmidt at
http://spatialreference.org/openid/ .
The only thing that this doesn't implement, afaik, is the redirection
from openid/crschmidt to openid?user=crschmidt, but I figured that was
possible to do after we got it set up on the live server more easily
anyway.
Comments, suggestions, and migration paths to forward with getting this
deployed welcome. Note that if we decide to do so, I could even deploy
it on the geodata blade, though I would need to be sure that I was aware
of any possible issues that might entail.
Regards,
--
Christopher Schmidt
MetaCarta
From lorenzo at ominiverdi.com Tue Jul 31 06:40:31 2007
From: lorenzo at ominiverdi.com (Lorenzo Becchi)
Date: Tue Jul 31 06:40:39 2007
Subject: [SAC] Dev OpenID Server up and running
In-Reply-To: <20070731062020.GA9341@metacarta.com>
References: <20070731062020.GA9341@metacarta.com>
Message-ID: <46AF119F.4000300@ominiverdi.com>
Good job, Chris
I've just tested it and worked fine.
If help is needed for the look and feel, I'll be available.
I guess, once in production, the OpenId page should better stay only on
a SSL connection; so no passwords will ever move on plain text.
ciao
Lorenzo
Christopher Schmidt wrote:
> So, I spent tonight and got the OpenID server up, running, and working,
> so far as I can tell.
>
> I've also got it styled like the OSGeo homepage.
>
> http://geodata.telascience.org/openid/
>
> When you login there, you're offered information on how to login with
> your OpenID: Just use, for example,
> http://geodata.telascience.org/openid/?user=crschmidt at
> http://spatialreference.org/openid/ .
>
> The only thing that this doesn't implement, afaik, is the redirection
> from openid/crschmidt to openid?user=crschmidt, but I figured that was
> possible to do after we got it set up on the live server more easily
> anyway.
>
> Comments, suggestions, and migration paths to forward with getting this
> deployed welcome. Note that if we decide to do so, I could even deploy
> it on the geodata blade, though I would need to be sure that I was aware
> of any possible issues that might entail.
>
> Regards,
>
From warmerdam at pobox.com Tue Jul 31 11:27:43 2007
From: warmerdam at pobox.com (Frank Warmerdam)
Date: Tue Jul 31 11:26:57 2007
Subject: [SAC] Dev OpenID Server up and running
In-Reply-To: <20070731062020.GA9341@metacarta.com>
References: <20070731062020.GA9341@metacarta.com>
Message-ID: <46AF54EF.4040306@pobox.com>
Christopher Schmidt wrote:
> Comments, suggestions, and migration paths to forward with getting this
> deployed welcome. Note that if we decide to do so, I could even deploy
> it on the geodata blade, though I would need to be sure that I was aware
> of any possible issues that might entail.
Chris,
I'm fine with leaving this on geodata.telascience.org if it is working well
there. I think Howard or I can setup openid.osgeo.org to point there.
I would like to encourage you to setup a wiki page in the osgeo wiki, linked
off the SAC page (or perhaps the SAC LDAP page assuming there is such a thing)
that describes the service, and how it is setup. I'd also like to see a
tar file of the majority of the software configuration living somewhere
other than the geodata machine so we can set things up again fairly quickly
should that machine suffer a serious meltdown.
Once the openid.osgeo.org link is setup, I'd like to add a brief mention of
this openid service at http://www.osgeo.org/osgeo_userid.
Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org
From Jason.Birch at nanaimo.ca Tue Jul 31 11:33:18 2007
From: Jason.Birch at nanaimo.ca (Jason Birch)
Date: Tue Jul 31 11:33:20 2007
Subject: [SAC] Dev OpenID Server up and running
In-Reply-To: <46AF54EF.4040306@pobox.com>
Message-ID: <8E468917B01800408B91984428BE03DD072A56AC@starfish.nanaimo.ca>
Frank,
I don't think that the wildcard SSL cert is set up on geodata? I think
that this would be a requirement if it is going to be hosted there.
Initially geodata may make sense, but I wonder if the availability of an
authentication system would warrant having it on the main servers. The
only problem then would be administering it, with the limited logins
allowed there.
Jason
-----Original Message-----
From: Frank Warmerdam
Subject: Re: [SAC] Dev OpenID Server up and running
I'm fine with leaving this on geodata.telascience.org if it is working
well there. I think Howard or I can setup openid.osgeo.org to point
there.
From crschmidt at metacarta.com Tue Jul 31 11:57:46 2007
From: crschmidt at metacarta.com (Christopher Schmidt)
Date: Tue Jul 31 11:57:38 2007
Subject: [SAC] Dev OpenID Server up and running
In-Reply-To: <8E468917B01800408B91984428BE03DD072A56AC@starfish.nanaimo.ca>
References: <46AF54EF.4040306@pobox.com>
<8E468917B01800408B91984428BE03DD072A56AC@starfish.nanaimo.ca>
Message-ID: <20070731155746.GA11029@metacarta.com>
On Tue, Jul 31, 2007 at 08:33:18AM -0700, Jason Birch wrote:
> Frank,
>
> I don't think that the wildcard SSL cert is set up on geodata? I think
> that this would be a requirement if it is going to be hosted there.
Note that no/few other OSGeo login services use SSL -- trac, the main
homepage, etc.
Regards,
--
Christopher Schmidt
MetaCarta