On Thu, Jul 21, 2011 at 09:04:45AM +0530, Rahul Sundaram wrote: > On 07/21/2011 04:20 AM, Toshio Kuratomi wrote: > > Will you want single sign on (meaning if you log into pkgdb, you are also > > logged into askbot)? If not, I would suggest we try and use the openid > > support in askbot with the fas openid provider. That way we may be able to > > eliminate the need to maintain the fas auth plugin. > > I think single sign on will make Askbot more integrated with Fedora and > fas auth plugin code is pretty small > > https://github.com/pjps/fasauth/ > Okay... If we want single sign on we'd also need to run it at something like https://admin.fedoraproject.org/askbot as cookies are only sent back to the same domain as they come from (we can't remove the admin and use fedoraproject.org either as we have less secure servers on fedoraproject.org [like publictestXX.fedoraproject.org] and wouldn't want user's session cookies to go to those boxes.) But if that's also okay, then the plugin does have value. We'll have to set it to use the tg-visit session cookie as a way to verify the user. -Toshio
Attachment:
pgpTKqsNSQYXv.pgp
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
