[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Summit hacking / Single Sign On (DC14 registration)

Hi, I'm attempting to hack on summit this weekend, and need to clear up
some confusion after having reviewed the recent Debian SSO work and in
particular this bit:

  “The web password is one way of logging into Debian's single sign-on
   system.  There may be other ways (such as via Alioth) deployed in the
   future.  Unfortunately this means that at the moment only Debian
   Developers can authenticate using single signon.”¹

Also this bit:

  “Agenda • add Alioth LDAP backend for identifying users”²

… so in other words I, for example, wouldn't be able to login with my
Alioth account 'gturner-guest'.

Too bad because I was hoping to wire in LDAP via python-django-auth-ldap
which would be easier for me as I'm sort of a kooky paranoid web auth
hater :P

So maybe I'm getting it wrong - via OAuth2 are we supposed to allow any
old Google/Facebook/whatever account to register for DC14?  For some
reason I was on the track that having an Alioth account was required
(perhaps for export/processing registration data downstream).

¹ https://wiki.debian.org/DebianSingleSignOn
² https://wiki.debian.org/Sprints/2014/SSOSprint

Gerald Turner <gturner@unzane.com>        Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D

Attachment: pgp4owGS7TM7A.pgp
Description: PGP signature

Reply to: