[SAC] [OSGeo] #165: Wiki LDAP integration
Alex M
tech_dev at wildintellect.com
Mon Sep 18 15:41:57 PDT 2017
I hadn't thought about emailing account holders. Yes you could restrict
to LDAP only login, but there needs to be a page where we can redirect a
user setup their LDAP. If they have a wiki account they would need to
login to verify who they are, unless you were thinking unique url per
email recipient.
There is little hope of trying to figure out LDAP to wiki matches
without user input.
Thanks,
Alex
On 09/18/2017 03:36 PM, Jorge Gustavo Rocha wrote:
> Hi Alex,
>
> Thanks for your comment. I need to look at the data to have a better
> understanding.
>
> Your suggestion is just to create (or link) LDAP accounts from local
> wiki accounts when the user logins, one by one? I thought that we could
> try to create new LDAP entries for all local wiki accounts in one batch
> and keep the logins restrict to LDAP accounts. Each user would receive
> an email with a link to update his LDAP entry.
>
> Regards,
>
> Jorge
>
> On 18-09-2017 23:09, Alex M wrote:
>> 5. Decide how to reconcile existing accounts.
>>
>> This is actually the reason it hasn't happened in the past.
>>
>> My suggestion is, activate LDAP. Force existing users when they login to
>> authenticate(link) or create an LDAP account. For any new users only
>> allow LDAP based login. Does this cause problems if the names don't match?
>>
>> To go the to other way opens up the possibility that someone could take
>> over another persons wiki account by creating a matching LDAP account.
>>
>> Thanks,
>> Alex
>>
>> On 09/18/2017 01:51 PM, Jorge Gustavo Rocha wrote:
>>> Hi,
>>>
>>> I volunteer to make the LDAP integration.
>>> I'm an "InActive" SAC member [2].
>>>
>>> I've already done so. We need to:
>>> 1. Install the LDAP Authentication extension [1];
>>> 2. Configure LocalSettings.php
>>> 3. Update DB tables
>>> 4. Decide if we can write LDAP from wiki (eg. if we allow
>>> 'createaccount' permission in mediawiki and update LDAP with the new
>>> account).
>>>
>>> [1] https://www.mediawiki.org/wiki/Extension:LDAP_Authentication
>>> [2] https://wiki.osgeo.org/wiki/Jorge_Gustavo_Rocha
>>>
>>> Best regards,
>>>
>>> Jorge Gustavo
>>>
>>> On 16-09-2017 10:58, OSGeo wrote:
>>>> #165: Wiki LDAP integration
>>>> ------------------------+-----------------------
>>>> Reporter: crschmidt | Owner: astrodog
>>>> Type: task | Status: assigned
>>>> Priority: normal | Milestone:
>>>> Component: Wiki | Resolution:
>>>> Keywords: ldap, wiki |
>>>> ------------------------+-----------------------
>>>>
>>>> Comment (by strk):
>>>>
>>>> +1 on paying for this.
>>>>
>>>> How about sending an official motion to the list to
>>>> make a call for offers to deal with it ?
>>>>
>>>> --
>>>> Ticket URL: <https://trac.osgeo.org/osgeo/ticket/165#comment:21>
>>>> OSGeo <http://www.osgeo.org/>
>>>> OSGeo committee and general foundation issue tracker.
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Sac mailing list
>>>> Sac at lists.osgeo.org
>>>> https://lists.osgeo.org/mailman/listinfo/sac
>>>>
>>> _______________________________________________
>>> Sac mailing list
>>> Sac at lists.osgeo.org
>>> https://lists.osgeo.org/mailman/listinfo/sac
>>>
>>
More information about the Sac
mailing list