[SAC] Re: [OSGeo] #103: Move main OSGeo Wiki to OSGeo
infrastructure
Christopher Schmidt
crschmidt at metacarta.com
Thu Nov 1 20:22:49 EDT 2007
On Fri, Nov 02, 2007 at 01:01:00AM +0100, Martin Spott wrote:
> On Thu, Nov 01, 2007 at 09:38:37PM -0000, OSGeo wrote:
>
> > http://openid.osgeo.org/
>
> I certainly don't want to sound harsh. Yet I'd like to pronounce my
> concern which regards running a 'critical' authentication service on a
> machine that probably only very few SAC members have admin access to,
> that runs on a single disk with no backup and that offers a login page
> to transfer unencrypted passwords.
The service should be trivial to set up on any machine that has PHP +
LDAP Auth, plus MySQL installed.. The code is tarballed and backed up
described on http://wiki.osgeo.org/index.php/OpenID/SAC .
As Frank said:
"I'm fine with leaving this on geodata.telascience.org if it is working
well there. I think Howard or I can setup openid.osgeo.org to point
there." -- http://lists.osgeo.org/pipermail/sac/2007-July/000727.html
At the time, I pointed out:
"""
> I don't think that the wildcard SSL cert is set up on geodata? I
> think
> that this would be a requirement if it is going to be hosted there.
Note that no/few other OSGeo login services use SSL -- trac, the main
homepage, etc.
"""
-- http://lists.osgeo.org/pipermail/sac/2007-July/000729.html
(I don't think that any further discussion occured in a recorded way at
that time -- I brought it up with Howard on IRC possibly, but can't find
any reference.)
> I acknowldege that OpenID is a nice game, maybe even a useful service.
> Yet I'd propose to proceed a bit more careful when it comes to
> authentication services.
Okay. Note that nothing has really changed in this regard:
openid.osgeo.org has been up and running since the end of July. It's not
a new service, I just actually got reminded I had set it up.
> Is there any OSGeo Trac ticket, has there been any discussion on
> offering an OSGeo OpenID service ? I'm unable to find such thing in
> OSGeo Trac.
I did it on the mailing list instead of on trac.
Regards,
--
Christopher Schmidt
MetaCarta
More information about the Sac
mailing list