[opensuse-buildservice] Introduction - Udit Sajjanhar Gsoc 2009
Hi All, I am Udit Sajjanhar from IIT Kharagpur, India. I am working on implementing openid login into the opensuse-buildservice. Cornelius Schumacher is mentoring me and Adrian Schröter is also helping me out. People who have worked on openid/webclient before would be of great help. A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal Comments are welcome!! Looking forward to an exciting summer ahead, Udit Sajjanhar (I am sorry if u received two copies of this message. Previous one seemed to have been rejected as it contained the html link.) -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Mon, May 25, 2009 at 07:13:17PM +0530, Udit Sajjanhar wrote:
Hi All,
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
Great! Welcome on board, I wish you good luck and a lot of fun with your project. Let us know whatever would help you to get going. Peter -- "WARNING: This bug is visible to non-employees. Please be respectful!" SUSE LINUX Products GmbH Research & Development
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS. I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible. Have you thought about that? Thanks, Klaas -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database, so we would anyway only allow our own provider ? And other instances would go exclusivly for openID without iChain, I think. Do I miss something ? bye adrian -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 09:50:02 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database, Why is that? Might sound naive, but I think it's time to revisit this question.
Klaas -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 10:12:58 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 09:50:02 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database,
Why is that? Might sound naive, but I think it's time to revisit this question.
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user. This would break as long not all other systems would also accept openID at the same point of time. bye adrian -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Thursday 28 May 2009 10:29:23 Adrian Schröter wrote:
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user.
It's kind of a bad practice to automatically enforce a relation to a specific Bugzilla account. It would be much better, if the user would be in control of that, and be able to choose to which Bugzilla account she wants to be associated (probably defaulting to the account corresponding to the Novell account, provided we have that information). -- Cornelius Schumacher <cschum@suse.de> -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 10:42:09 schrieb Cornelius Schumacher:
On Thursday 28 May 2009 10:29:23 Adrian Schröter wrote:
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user.
It's kind of a bad practice to automatically enforce a relation to a specific Bugzilla account. It would be much better, if the user would be in control of that, and be able to choose to which Bugzilla account she wants to be associated (probably defaulting to the account corresponding to the Novell account, provided we have that information).
You can configure the bugzilla id already (and refering to external bugzillas was part of the spec, but is not implemented). But when you start developing with openID, how can you convert this later to the classic accounts later one to be able to use our bugzilla ? bye adrian -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 10:29:23 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 10:12:58 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 09:50:02 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database,
Why is that? Might sound naive, but I think it's time to revisit this question.
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user. I of course know that. But this argument is weak.
We're not talking about loosing the user identifying strings. For a new implementation it would be mandatory that you can connect your existing iChain account to an openID account. But it would not be mandatory to _have_ an iChain account, an openID would be sufficient. Of course the openID-only variant would loose the bugzilla connect, which is not really used anyway. All other systems can work with the new system.
This would break as long not all other systems would also accept openID at the same point of time.
No. Klaas -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 10:42:37 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 10:29:23 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 10:12:58 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 09:50:02 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database,
Why is that? Might sound naive, but I think it's time to revisit this question.
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user.
I of course know that. But this argument is weak.
We're not talking about loosing the user identifying strings. For a new implementation it would be mandatory that you can connect your existing iChain account to an openID account. But it would not be mandatory to _have_ an iChain account, an openID would be sufficient. Of course the openID-only variant would loose the bugzilla connect, which is not really used anyway. All other systems can work with the new system.
Well it is used. But you can argument that we enforce to use the iChain account only for some users where we need this. (We need it for maintained packages the contact email address, which is also used for the bugzilla connection).
This would break as long not all other systems would also accept openID at the same point of time.
No.
How would you request the email adresses for these users than ? -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 28. Mai 2009 10:51:42 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 10:42:37 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 10:29:23 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 10:12:58 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 09:50:02 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
> I am Udit Sajjanhar from IIT Kharagpur, India. > > I am working on implementing openid login into the > opensuse-buildservice.
That is great, nice to have you on board!
> A public version of my gsoc proposal is available @ > http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database,
Why is that? Might sound naive, but I think it's time to revisit this question.
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user.
I of course know that. But this argument is weak.
We're not talking about loosing the user identifying strings. For a new implementation it would be mandatory that you can connect your existing iChain account to an openID account. But it would not be mandatory to _have_ an iChain account, an openID would be sufficient. Of course the openID-only variant would loose the bugzilla connect, which is not really used anyway. All other systems can work with the new system.
Well it is used. But you can argument that we enforce to use the iChain account only for some users where we need this. (We need it for maintained packages the contact email address, which is also used for the bugzilla connection). It is out of question that we have to ensure a valid email for all users, maybe through a "reply to this mail to validate your user" or something. The email coming with openID should also be validated.
We provide the possibility to link the iChain account to openID, as said before, so we should be fine with the Bugzilla problem. The cool thing would be that people who just want to have a look can log in with their openID. We have to lower the barrier for them, and they don't care about bugzilla. Later, when we convinced them to contribute more we can ask again to create a Novell account to have the Bugzilla connect. klaas -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Thu, May 28, 2009 at 2:31 PM, Klaas Freitag <freitag@suse.de> wrote:
Am Donnerstag, 28. Mai 2009 10:51:42 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 10:42:37 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 10:29:23 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 10:12:58 schrieb Klaas Freitag:
Am Donnerstag, 28. Mai 2009 09:50:02 schrieb Adrian Schröter:
Am Donnerstag, 28. Mai 2009 09:36:06 schrieb Klaas Freitag: > Hi Udit > > > I am Udit Sajjanhar from IIT Kharagpur, India. > > > > I am working on implementing openid login into the > > opensuse-buildservice. > > That is great, nice to have you on board! > > > A public version of my gsoc proposal is available @ > > http://sajjanharudit.googlepages.com/openidproposal > > Reading through your proposal I wasn't able to read about how > the openID capabilities can coexist with the currently used > iChain login mechanism in OBS. > > I think it would make sense if one could link the current iChain > account and one or more openID accounts so that alternative > use is possible. > > Have you thought about that?
Hm, I am not sure if we need this in our setup. We need anyway to ensure that a user exists in the eDirectory (== iChain) database,
Why is that? Might sound naive, but I think it's time to revisit this question.
Because we use the IDs for refering to other systems (bugzilla for example). We use the login name as key (to map to email address for bugzilla) for refering to the user.
I of course know that. But this argument is weak.
We're not talking about loosing the user identifying strings. For a new implementation it would be mandatory that you can connect your existing iChain account to an openID account. But it would not be mandatory to _have_ an iChain account, an openID would be sufficient. Of course the openID-only variant would loose the bugzilla connect, which is not really used anyway. All other systems can work with the new system.
Well it is used. But you can argument that we enforce to use the iChain account only for some users where we need this. (We need it for maintained packages the contact email address, which is also used for the bugzilla connection). It is out of question that we have to ensure a valid email for all users, maybe through a "reply to this mail to validate your user" or something. The email coming with openID should also be validated.
We provide the possibility to link the iChain account to openID, as said before, so we should be fine with the Bugzilla problem.
Buildservice would use iChain via openID bridge. So existing user will be able to use the current Novell logins. Existing users will be provided an interface for linking their account to openid(s). Once done, users will be able to login via openid.
The cool thing would be that people who just want to have a look can log in with their openID. We have to lower the barrier for them, and they don't care about bugzilla. Later, when we convinced them to contribute more we can ask again to create a Novell account to have the Bugzilla connect.
Thus a new user will not be required to have a iChain account. New users will also be provided an interface to validate their email address.
klaas -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
-- ================================ Udit Sajjanhar -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Thursday 28 May 2009 09:36:06 schrieb Klaas Freitag:
Hi Udit
I am Udit Sajjanhar from IIT Kharagpur, India.
I am working on implementing openid login into the opensuse-buildservice.
That is great, nice to have you on board!
A public version of my gsoc proposal is available @ http://sajjanharudit.googlepages.com/openidproposal
Reading through your proposal I wasn't able to read about how the openID capabilities can coexist with the currently used iChain login mechanism in OBS.
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Doesn't use susestudio ichain also as openid provider ? At least the login-page states this. Best, Jan-Simon -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
On Thursday 28 May 2009 09:51:56 Jan-Simon Möller wrote:
Am Thursday 28 May 2009 09:36:06 schrieb Klaas Freitag:
I think it would make sense if one could link the current iChain account and one or more openID accounts so that alternative use is possible.
Doesn't use susestudio ichain also as openid provider ? At least the login-page states this.
Yes, Studio uses iChain via an OpenID bridge. So the most elegant solution for the build service would be to use the same mechanism. This would mean that in the build service we would have to replace the direct iChain login by an OpenID login. Then users could login with their Novell account just like it's now, but they could also add additional OpenIDs, or we could even allow new users to login with whatever OpenID they like. -- Cornelius Schumacher <cschum@suse.de> -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
participants (6)
-
Adrian Schröter -
Cornelius Schumacher -
Jan-Simon Möller -
Klaas Freitag -
Peter Poeml -
Udit Sajjanhar