[geeklog-devel] 'force_remoteauthentication' patch forenterprise users

[Blank, Jessica]

> >Additionally: Did you add logic to remove the dropdown if only one 
> >authentication method is present and 
> >$_CONF['user_login_method']['3rdparty'] = true and 
> >$_CONF['user_login_method']['standard'] = false? It would make little

> >sense to have a dropdown where a user can only select one method... 
> >Just use a hidden form field like I did, no?
> 
> Ah, I missed that bit. Okay, I see your point but I think it should be
made clear what the login method is going to be. > So maybe we should
add the login method as a simple text string then?

In our experience, users get confused when they are provided with
extraneous information. If the only login method they ever use is LDAP
(and bear in mind that most users don't even know what 'LDAP' -is-, nor
do they want to), even printing 'Login via: LDAP' or the like (even if
it's not changeable) will simply confuse them. My recommendation is that
if there's only one authentication method available to users (be it
'local' or 'remote'), that the authentication method simply not be
mentioned at all in the visible page... It would just confuse end-users.
In other words, if all logins are via LDAP, then there's really no point
in printing LDAP anywhere on the page... Just have the form send LDAP as
a hidden form field and be done with it, with no user confusion ("hey,
now the login form says 'LDAP'... What's 'LDAP'? Do I need to worry
about this? Is 'LDAP' a virus?...")

In any case, that has been our experience.

What do you think?

> >We simply do not HAVE any
> >local logins for geeklog; everything is done via LDAP. :)
> 
> So you have a remote authentication module that does LDAP? We had
quite a few people ask for something like this. Any > > chance you could
make it available?

Yup. We certainly do have this! It's super simple too. Tell you what; I
will pull the latest version of the code from CVS and tweak my CVS
module to work with it, then submit it. :)

--Jessica