incubator-clerezza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henry Story (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLEREZZA-515) ugly account name when logging into ZZ with a foreign WebID
Date Thu, 26 May 2011 10:59:47 GMT

    [ https://issues.apache.org/jira/browse/CLEREZZA-515?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13039643#comment-13039643
] 

Henry Story commented on CLEREZZA-515:
--------------------------------------

>> A Veto the proposed resolution to CLEREZZA-515 for the following reasons:

   I'll answer your points below carefully. I am doing it here, because I saw no detailed
response in the mailing list.

>> - WebId Users no longer show up in the usermanager.

That is probably because the user manager is working on the notion of "user"
as being only determined by zz:username string. The WebID user is identified
with a URI on the other hand. He does not yet have a username, and may
in fact never desire to have a local account on your machine. Imagine all the
WebID robots that may just come and fetch a page from your machine, just because
they are crawling a foaf file. Are you going to give account names to each of them?

What account names?

The only way you can do this is by giving ugly account names to all users  ie: mechanically
generated ones.  When  some of these users then wish to 
have memorable names you will then have a problem of dealing with the legacy names
they were given.

>>  this is a major regression as the usage p'attern currently known to me is as follows:
>> my friends log-in with webid and the I go to user-manager and give
>> them additional rights

It is only going to be MAJOR for you reto and a couple of other people, since not that many
are using WebIDs.
So it is not that big of an issue.

In any case it is not very satisfactory in a more distributed world (it is fine
for closed worlds) for quite a number of reasons:

 1. the account control panel only shows you a small set of information about that user. My
guess is that it will just 
show the claimed username and something  else.
 2. It is not declarative enough.

The better solution is to add the webids to your friends list,  and then have rules such as

   "all friends of mine can do X" 

This is where I think we need to be moving towards in terms of access =
control.

So then it remains to make it easy to add people to your friends list. =
This is why  I have been developing the person browser

Here is the view on Dan Brickeley

https://bblfish.net:8443/browse/person?uri=3Dhttp%3A%2F%2Fdanbri.org%2Ffoaf.rdf%23danbri
   
Users that do have accounts on my machine, will see little buttons appear that will allow
them in one  click to add Dan as friends. That will then give Dan Access to all the things
they allow their friends to access - without requiring Dan to have an account!

>> - The Issue is about showing the name that is good looking, imho the
>> foaf:Name would satisfy this requirement better than the WebId URI

The issue is not just about the name that is displayed in the UserInterface. Of course a foaf:name
can be put there. The issue is that the current =
solution also creates ugly account names, such as

    http://farewellutopia.com/user/http_bblfish.net_.../profile

Account names should only be needed when people have decided to open a local account.

>> - Even if I give all users permission to access the account-control-panel (selecting
>>  (org.apache.clerezza.platform.accountcontrolpanel.AccountControlPanelAppPermission
>> "{username}" "") for the base-permission-role) Roaming Users no longer
>> see the ACP. This is probably a problem that {username} is no longer
>> supported.

Yes, users without local accounts, don't have an account to look at. That is why I have been
developing the ProfileViewer, so they can look
at what we see of their profile as their home page, if they want. That page can then also
ask them if they wish to create an account locally.

That is the moment at which they can then choose the account name they prefer to have. That
is an extra service that is easy to add.

>> - The resolution goes far out of the scope of the issue. I have no
>> strong opinion on whether the larger refactoring from using Subjects
>> instead of the UserName is beneficial. I think I'd tend to postpone
>> such a refactoring (if it turns out to be needed) to after the first
>> release. BUT: even if I should conclude that the refactoring is needed
>> or even urgent this should be in a dedicated issue and not in one  that
>> addresses the aesthetics of the shown account name ("ugly")

I think this patch addresses the full aspect of account names. The 
initial description showed the place where that ugliness appeared. But this
is in line with the rest of my work on the authentication in Clerezza
related to WebID.


>> A solution to show the foaf:name (or atlernatively foaf:nick)  on the top-right corner
shouldn't take more than a patch
>> of a couple of lines. I show on my wall at  https://farewellutopia.com/public-wall
that it is possible with
>> existing infrastructure (the post show the foaf:name) to implement
>> this.

When I go there I still get the huge ugly name. But anyway, I don't doubt that you can replace
it by a foaf:name. 
That is not the only issue that is being addressed here.


> ugly account name when logging into ZZ with a foreign WebID
> -----------------------------------------------------------
>
>                 Key: CLEREZZA-515
>                 URL: https://issues.apache.org/jira/browse/CLEREZZA-515
>             Project: Clerezza
>          Issue Type: Bug
>            Reporter: Henry Story
>
> When loggin in with my WebID http://bblfish.net/people/henry/card#me I get a login name
>      http___bblfish.net_people_henry_card_me
> that is really ugly, and does not fit on the top page.  It is not even guaranteed to
be unique, so that it could
> lead to acces control issues.
>    The server should try to display a name that is good looking, perhaps the person first
name, last name, or 
> nickname found in the profile document.  What if none of those exist? Would a short automatically
created name
> not be better? Any ideas?

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message