> well, thats hard for people to remember I understand which is why I explained the "implementation" later in my original e-mail. As part of the implementation I forsee various Virtual Hosts which would map to a domain (or sub-domain) but then rewrites through the central method I proposed in my first e-mail. These sub-domains (or the other approach yet to be determined) would then rewrite through the filter. It would scale and it would provide a step-by-step process for new applications that could be scripted. The authentication module would probably also help but this approach would be laborious however possibly worth it in the long-run. > keep the url constant so it doesn't confuse people. It would be constant. We would do various things behind the scense like I mentioned earlier in this e-mail and in my previous one. I probably should have discussed the "implementation" before the theory but I figured it was a putting the "cart before the horse." > carefull with the csrf stuff, and the domains for sharing > cookies. Yes. The unified RBAC piece would help with this I think. As opposed to relying on cookies for each sub-domain for authentication the person would authenticate once, then based on their permissions be granted access to each application. This might also help in the long-run because it would force us to move more session data into the database which over time would help with load-balancing and failover (not that things are now done poorly, it's just a different approach). > but thanks for the ideas. ;) Thank you for considering them and for the continued feedback. _______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
