[geeklog-devtalk] [Feature] Distributed Authentication

[Michael Jervis]

> Could this not be how we add the distributed authentication as well?


I don't think so.

NTLM and AD authentication is based on your network identity. It's an
omnipresent token in your network prescence.

There is no way code running on fuckingbrit.com can tell that you are logged
into geeklog.net. (My version of) distributed authentication is really I
guess remote authentication. Allowing people to log in to your site with
credentials from another site rather than signing up for Yet Another Site
Specific Account. When you are using Livejournal and blogger.com as your
remote authentication that's a rather large portion of the blog reading
world.

There are I am sure plenty of people who have accounts on neither, but if
they have a geeklog (powered) account elsewhere, or a drupal one or
whatever, then that expands and expands the auth base.

There clearly is a place in the code base for network token based pervasive
login/single sign on, but, that's not the way this code can work.


> >I'm in bonnie scotland again

> 

> Greetings to the folks in Edinburgh and Dunfermline, if you 

> happen to be in that area[1] ;-)


I was in Edinburgh, back now:

http://fuckingbrit.com/gallery/Incoming/DSCN0728

That's the view from the office I was in, however, that was when I was there
in June not this weekend when the weather was nice and the trees bald...


> That's a relatively recent addition to CVS (last weekend or so ...).


Where should I look for a sample?

Also, I'm interested in the trackback stuff, but I can't see it in my site.
I've got 1.3.12cvs up on fb.com, with professional installed and set to /my/
personal theme. But I see no sign of trackback functions, where should I
look?


> That's the interesting bit: Would it work without adding the 

> authenticated user to the DB? I'm wondering if we really want 

> to add all these users.


I think we do.

Then they can be granted permissions, perhaps authenticated users
should/could be put into a different group to the regular authenticated
group. Then they can work for more than just comments. Forum posts etc. They
will work seamlessly with all modules, rather than only being able to
comment.

Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3030 bytes
Desc: not available
Url : <http://eight.pairlist.net/pipermail/geeklog-devtalk/attachments/20050201/eca61191/attachment.bin>