[Moin-user] integrated authentication (Moin, Bugzilla, Gitosis, etc)

Sat Feb 25 05:31:12 EST 2012

On 24/02/12 23:34, Paul Boddie wrote:
> On Friday 24 February 2012 21:22:37 Daniel Pocock wrote:
>>
>> Could ACLs and everything else in Moin use the email address in place of
>> the name value?  Or could the email address be safely used in the name
>> field?
> 
> On one Moin deployment, I use each user's e-mail address as their username. If 
> this doesn't work with ACLs for some reason, I'd be interested in making a 
> patch that makes it work.

Did you have to make any hacks or patches to support that?

The email address shows up on screen, e.g. where it shows the user who
last changed a particular page?

And the email address is valid in the name of the user's own page, e.g.:

http://moin-wiki.example.org/wiki/user@example.org

or is anything likely to choke on the @ symbol?

>> You save the best bit for last: letting the user log in with the email
>> address would make it work just like Bugzilla and Mailman
> 
> Having to use an e-mail address as a username is something of a limitation 
> with Bugzilla, which I also use together with Wiki installations, but you can 
> certainly adopt that scheme with Moin, too. In effect, you can delegate the 
> authentication to Apache, use GivenAuth to access the REMOTE_USER details (as 
> Thomas pointed out), and then you're mostly avoiding any registration process 
> within Moin.

I understand there are limitations with using the email address, e.g.
some users want their email address private.  On the other hand, that is
also troublesome, because users want to communicate with each other, and
if the email addresses are hidden, then a private messaging system is
needed, and some users don't like that either.  In other words, no
perfect answer.

On the other hand, whether it is public or private, the email address is
very useful as a login credential:
- just about every user has one
- when the user is asked for their email address in a login box, they
don't have to try and remember it
- on large systems, registering is easier, because users with
particularly common names don't have to keep trying to guess a login
name that is not already taken
- and the fact that other systems already use email address

So maybe the solution for my own Moin deployment would involve:
- user logs in with email address
- user chooses a display name on the first login or it looks up the name
on subsequent logins (the system would not be able to translate
email->display name with a regex)
- the display name appears on any pages they edit, etc