incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <>
Subject Re: Can we move forward with shutting down the email forwarder?
Date Tue, 07 Feb 2012 13:34:20 GMT
On Tue, Feb 7, 2012 at 4:00 AM, Andrea Pescetti <> wrote:
> On 07/02/2012 Dave Fisher wrote:
>> On Feb 6, 2012, at 5:28 PM, Rob Weir wrote:
>>> Back in December, I was helping put together a plan for shutting down
>>> the legacy email forwarder.  That work was on the wiki and the mailing
>>> list.  It was put on hold due to concerns that the forwarding service
>>> might have a complex relationship with one or more other subsystems,
>>> such as Bugzilla and the Extension/Template repository.
>>> Was this ever resolved?
>> Yes. We can't login to E&  T. The two are detached. No reason here to keep
> On the contrary, this is the main reason to keep the
> forwarders.
> Let me outline the only way I see to save the current users on Extensions
> and Templates:
> 1) Currently, login is supposed to happen thrugh some web services provided
> by (possibly; this
> facility has been unavailable for five weeks (possibly due to the DNS
> migration, possibly not) and it does not rely on the
> forwarders being available. However, currently nobody can access Extensions
> or Templates, meaning there is no way to update an Extension or upload a new
> one.

I don't think is coming back.

> 2) Very likely the Drupal system on Extensions and Templates, upon
> successful login, duplicated usernames. This is why you see "pescetti" at
> ; however,
> it didn't duplicate passwords or e-mail addresses.

So we think that the Drupal app used EIS for authentication?

> 3) The authentication mechanism on Extensions and Templates is changed so
> that usernames are kept, but passwords and e-mail addresses are stored in
> the local database instead of being retrieved from the (unavailable)
> web services. Of course, we only have valid usernames at this
> point, not passwords or e-mail addresses.

Are you saying that this has already been done?  Or are you saying
that this should be done?

> 4) Collecting all the usernames from the Drupal database will give us the
> list of all users (in the form "pescetti") but not their e-mail addresses;
> so in order to e-mail them we will need to use the corresponding
> forwarder, obtaining by appending "" to the
> username. This is why we can't retire them now.
> 5) The e-mail contains a one-time login link, allowing the user to change
> his password and e-mail address; the form validation will reject addresses
> in the form; the new password and e-mail address are
> stored in the Drupal database and the dependency on
> forwarders is solved.

OK.  So you are essentially saying that we need the forwarders to
continue in order to communicate with extension developers one more
time, to let them know that they need to reset their passwords.

> If this doesn't happen, there will be no way for any extensions maintainer
> to update his extensions; only point 3 above could be executed, meaning that
> in order to upload a new version of the Italian dictionary I would have to
> create a new account, a new extension and upload my new release (and of
> course break extension updates on the client, i.e., breaking the update
> check in OpenOffice).

Updates are broken already, because of the loss of Berkley DB, right?
So with AOO 3.4 all extensions will need to be reinstalled and the
update mechanism going forward will need to be adapted.

In any case, since we're not planning on restoring EIS, this is really
a communications problem.   But we will need to coordinate with
SourceForge on how (and when) we do this. In theory we could just
create temporary passwords and send them to extension authors today.
But we know they'll just lose them.  So we'll want to wait until the
new server is ready for authors to login again, and then send the
temporary passwords.  Then we can shut down the forwarder.

Does that make sense?


> Regards,
>  Andrea.

View raw message