Scoop -- the swiss army chainsaw of content management
Front Page · Everything · News · Code · Help! · Wishlist · Project · Scoop Sites · Dev Notes · Latest CVS changes · Development Activities
Anyone interested in LDAP authentication? New Code
By Mathew Hennessy , Section Wishlist []
Posted on Thu Mar 08, 2001 at 12:00:00 PM PST
Hey, I've written a quickish hack against the 0.6 tarball that:
  • uses the realname users field to store a full name (kinda like gecos field)
  • uses the nickname as the LDAP UID
  • adds an auth option that operates after (uname && pass) and (uname && mail) that assumes that you've authenticated to LDAP via Apache::AuthNetLDAP
  • displays the realname on stories and comments, though it falls back to nickname if realname is null

The hack involves a small mod to the stories table (add a 'rid' field), several mods to several perl modules, and a perlauthenhandler stanza forthe AuthNetLDAP. Anyone interested? (of course, a really neat Right solution would be to install a custom LDAP schema on the LDAP side and rewrite the scoop codebase to do all user queries via LDAP, but I haven't the time or patience for that now! :)
< Scoop to Email Gateway, a Plan | account verification from webmail >

Menu
· create account
· faq
· search
· report bugs
· Scoop Administrators Guide
· Scoop Box Exchange

Login
Make a new account
Username:
Password:

Poll
Interested in LDAP for user authentication against a centralized user/pass scheme?
· Yes 40%
· No 0%
· Maybe 40%
· fnord. 20%

Votes: 5
Results | Other Polls

Related Links
· Scoop
· More on New Code
· Also by Mathew Hennessy

Story Views
  17 Scoop users have viewed this story.

Display: Sort:
Anyone interested in LDAP authentication? | 4 comments (4 topical, 0 hidden)
An idea worth pursuing (1.00 / 1) (#1)
by eroussel on Sat Mar 10, 2001 at 10:51:59 AM PST

Using an LDAP directory server to host the user database could be a good idea.

But transfering that database to LDAP just for the sake of using LDAP is a bit light...

If you're going to go the LDAP way, you might consider trying to give some "value-added" stuff. LDAP use is often justified by the need to come closer to the "single-logon" utopia. User profile is stored in a central place and used to control access to hosts, e-mail, etc.

I could see a use for LDAP authentication in the following scenario: an organization is hosting multiple scoop sites, each dedicated to a particular subject (or targeted at a particular audience), but wants it's users to have only one user/password for convenience, since a user might be interested in more than one scoop site.

I've downloaded scoop recently to "test-drive" it in the company I work for. We're just starting playing with the tool, but I can already see a need for that type of functionnality.

Another feature that could be interesting -- but I'm not sure it a job for scoop -- is to provide a "portal" view of multiple scoop sites, something like a MyNetscape but for scoop sites. Since scoop supports RSS (right?), this might already exists.



I AM intrested... (none / 0) (#4)
by ino on Fri Sep 20, 2002 at 01:34:38 AM PST

We're using Scoop as the "news & discussion" part of our intranet and I can tell you people approach me daily and ask for SSO or at least single passwords.
So I would be intrested in that "hack" and I am also willing to help extending it.

We are looking into building SSO support for MS-ASP (as this is the base for our portal) - it's tricky but we think it can be done.

Regards



Anyone interested in LDAP authentication? | 4 comments (4 topical, 0 hidden)
Display: Sort:

Hosted by ScoopHost.com Powered by Scoop
All trademarks and copyrights on this page are owned by their respective companies. Comments are owned by the Poster. The Rest © 1999 The Management

create account | faq | search