incubator-allura-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Brondsema <>
Subject usernames on forge-allura.a.o - for ASF committers and for everyone else
Date Thu, 19 Sep 2013 21:38:59 GMT
Before we move tickets over, I think we should have a good login system that'll
work long-term.

I would like to support ASF committers logging in via ASF LDAP (infrastructure
can set up an auth proxy in front of Allura).  If Allura gains popularity among
other projects in Apache (and I hope it does), we could have a lot of ASF users
on it, and managing that through the official LDAP system will help a lot.

I think we'll also want anyone to be able to create an account so that they can
report a bug, make a comment, etc.

Setting up an auth provider which can handle both would be ideal.  A problem,
though is username conflicts.  Even if we prevent users from registering with
usernames that match existing ASF accounts, we could have a future problem if a
new ASF committer chooses a username that a "regular" person has on Allura already.

A possible solution is to "namespace" the usernames so that these two are
separate and can't conflict.  An underscore "_" is not allowed in ASF usernames,
so it could be automatically appended to all "regular" Allura usernames (on
forge-allura.a.o instance only of course).  Or we could put something on all ASF
committer usernames like an "asf-" prefix.  I prefer to keep the ASF committer
usernames unchanged since they will be the biggest potential users of Allura, so
I'd go with johndoe_ format for non-ASF accounts on our instance of Allura.

Messing with people's usernames is kind of ugly, but at least with them
separated we'll have a clear distinction between the types and thus be able to
make changes later, if needed.

Thoughts, or better ideas?

If we agree, we can begin working on this in a custom authentication provider.

Dave Brondsema : : personal : programming

View raw message