Quoting Nick Daly (2013-12-28 02:08:39) > Bdale Garbee <[email protected]> writes: > >> Jonas Smedegaard <[email protected]> writes: >> >>> Ok. Makes good sense to mandate use of shared auth mechanism. Not >>> convinced LDAP is the ideal for that, though. >> >> ...Clearly not critical path, but this is another possible task for >> someone out there reading who would like a modest project that could >> help us out in the long term. >> >> What I think we can effectively use LDAP for is to manage the >> information associated with identities. Users, what access rights >> they should have, etc, in an application-neutral way that we can >> potentially wrap some plinth UI goodness around eventually. > > It should also be possible to use these sorts of ACLs to create > application-specific data-stores (among other things, to keep > applications from snooping on one another's data). Keeping data > separated is a related, but different, issue from the problem of > separating processes ("the LXC/VM issue").
Which applications do you have in mind which stores their data in LDAP? Or do you envision (even more!) applications written from scratch specific for FreedomBox? > So, does anybody know any good LDAP-enabled services we can use? I > tried to move a wiki service into Plinth (ikiwiki, via [0]), but > immediately ran into the problem that ikiwiki knows nothing about > authentication mechanisms other than its own. I'm checking on the > ikiwiki IRC channel and their forums, but very few wiki services > (other than MediaWiki, which feels like overkill) are aware of LDAP. Not sure what you mean by "knows nothing [...] other than its own." Here's a list of auth plugins: https://ikiwiki.info/plugins/type/auth/ I have not played with it myself, but believe you should be able to use either httpauth plugin + libapache module or unixauth + PAM module. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
