flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christofer Dutz <christofer.d...@c-ware.de>
Subject Re: Login Security (was Re: Donating to Apache Flex)
Date Mon, 13 Feb 2017 22:45:50 GMT
Hi Alex,

Well I think we shouldn’t go down the path of yet another login. I really like the ASF LDAP
system. This must be managed and taken care of.

Chris


Am 13.02.17, 17:25 schrieb "Alex Harui" <aharui@adobe.com>:

    Another technical thread....
    
    On 2/13/17, 12:28 AM, "Christofer Dutz" <christofer.dutz@c-ware.de> wrote:
    >
    >There is a HUGE difference between setting up a Jenkins on the Intranet
    >and running a Jenkins on the Internet. From the end-user’s perspective,
    >this isn’t noticeable, but when administrating these system, it is huge.
    >I had been working on a solution for assisting companies to detect and
    >fix security vulnerabilities for 4-5 years and have learnt quite a lot on
    >this. Just some things that would pop my mind:
    >- You must integrate the authentication into the ASF LDAP (Setting up a
    >separate one is out of the question)
    
    Why is this a requirement?  ASF Wiki and ASF Jenkins have separate account
    systems?  Don't many folks have logins and multiple users for VMs running
    in Azure and AWS?
    
    Thanks,
    -Alex
    
    

Mime
View raw message