[Moin-user] integrated authentication (Moin, Bugzilla, Gitosis, etc)

Daniel Pocock daniel at pocock.com.au
Thu Feb 23 12:53:52 EST 2012 



Hi,

I'm looking at running a number of services (Moin, Bugzilla, Gitosis)
for public access

Specifically, this will support a number of open source projects, such
as www.opentelecoms.org and www.lumicall.org

To make it convenient and maximise participation, I want to set up a
common registration/login system for all the software and across
multiple domains (e.g. multiple instances of Moin).  However, each
system has slightly different behavior:

- Bugzilla uses the email address as a primary key, together with RADIUS
or LDAP
- gitosis inherits git's schema: uses the email address as the primary
key, together with RSA auth
- Moin uses a numeric `user id' value that appears in the page
revisions, and then it stores email address, name (e.g. DanielPocock)
and an alias

There are a few queries that I have about how Moin will fit into this
picture:

- can anyone point me to an existing howto or blog about building
something like this?

- although they do not appear to be the primary key, do the `name' and
`alias' values have to be unique?  I'm guessing that is the case, but as
it will be a publicly accessible system, it is quite possible there will
be people with the same name - any suggestions on how to handle this in
a nice way?

- management of the user files: I notice Moin creates a file for each
user: is it better to let Moin manage these files (e.g.
creating/updating them on each login attempt), or to write a script to
create them pro-actively when a user is registered in the central system?

- can I keep the users in a MySQL or Postgres table rather than having
them in disk files?

- I want to allow the users to have both password and OpenID access -
and I thought that maybe I can just enable OpenID in Moin, my central
registration system could act as OpenID provider for the
password-authenticated users, and the users who have OpenID could
authenticate directly: but using OpenID URL's as identifiers, do the
users still potentially need unique WikiNames as well?

Any feedback is really appreciated, and however I get this up and
running, I am also keen to document it and share some of the scripts
that are developed.

Regards,

Daniel

More information about the Moin-user mailing list