www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Stevenson <pct...@apache.org>
Subject Re: Centralised authentication/authorisation
Date Mon, 15 Dec 2008 20:24:55 GMT
chris wrote:

> Throwing my hat in the ring to help with this however I can.

Excellent, that is four of us now.

& Graham

Shall we proceed?  If others wan't to join in they're more than welcome, 
of course.

The overview so far:

* We (the ASF) need to use LDAP for centralised authenication
* LDAP (in whatever guise) needs to support multiple native LDAP clients
* We must have multi-site, and multi-master capabilities
* Initially we will only consider SVN & shell access to people.a.o as
* Singular userid for all users in the ASF.  Most likely their ASF

What we are not considering yet:

* Using LDAP with ther public services (JIRA, bugzilla, et al)
* Extending the OC any further, than required, to support goals above.
* Using LDAP for non-ASF users. i.e. public reporters of bugs via

So as I see it, we now need to agree on how we want to proceed.  I 
imagine agreeing on the structure OC for ASFPerson as a good a place as 
any, then we can move on to how we want to organise the LDAP tree.

Again I am strongly in favour of keeping this as simple as possible.

I quite like emmanuel's previous ideas for the OC structure for 
ASFPerson.  Can we build on this?

What information do we want to store in this OC?  I have placed an 
example brief, copy of something taken from several emails to this list, 
and shoved into the project folder in SVN.



Tony Stevenson
tony@pc-tony.com  //  pctony@apache.org

1024D/51047D66 ECAF DC55 C608 5E82 0B5E  3359 C9C7 924E 5104 7D66

View raw message