www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Stevenson <pct...@apache.org>
Subject Re: LDAP : first step
Date Mon, 22 Dec 2008 00:13:44 GMT


Emmanuel L├ęcharny wrote:
> 
>>> I see your point. And we'd better put every non-committers created on 
>>> another LDAP server too, in order to avoid DOS (creating an entry on 
>>> LDAP is _costly_, I can imagine some robots creating thousands of 
>>> entries in confluence for many reasons...)
>>
>> This was actually a point raised on IRC earlier this week.  One LDAP 
>> server for "internal" services.  Another for public accounts on 
>> services such as moinmoin, conflucence, bugzilla.
>>
>> Could we potentially get the internal services LDAP server to sync one 
>> way with a public services LDAP instance, and merge with the public 
>> services instance?
> No need to do that. Better use some referral.
>> So that committers can login using their availid, etc.  Without the 
>> need to configure 2 LDAP servers.
> Here, we need to know how confluence, moin-moin, bugzilla, etc... are 
> identifying users with LDAP.


Yeah, but for now lets concentrate on the committers, and sorting that. 
We can worry about how to make these work, how we want them too when we 
get to that bit.

Lets run with my tree example, for now, and if we find it does not suit 
we can customise it, after all this is still testing.

Emmanuel.  Will you have some free cycles in the coming days to go 
through an install of ApacheDS on Solaris with me?


Cheers,
Tony


-- 


-----------------------------------------
Tony Stevenson
tony@pc-tony.com  //  pctony@apache.org
http://www.pc-tony.com/

1024D/51047D66 ECAF DC55 C608 5E82 0B5E  3359 C9C7 924E 5104 7D66
-----------------------------------------

Mime
View raw message