[opensuse-web] Fun with AccessManager
Hello, I noticed some fun with AccessManager - using "Sign up" instead of "Login" can be the better choice. Details: I'm already logged in on bugzilla. If I now want to login to the wiki, I have two options: a) click the "Login" link and re-type username and password (which makes the cross-domain single sign-on quite useless) b) click the "sign up" link and get logged in instantly (which is better, but not obvious for the average user) Is it possible to be logged in _automatically_ to the wiki if I'm already logged in on bugzilla? (Or at least let the login box check in the background if the user is already logged in elsewhere before forcing him to re-type his username and password?) Regards, Christian Boltz -- For Linux an additional file permission should be invented: Stooge-Hidden. You set this permission on every file that average user does not understand. The flag does hide the file from the average user, because otherwise average user will cry at you for multiple weeks if they see the file, which might start to become pretty annoying. [Robert Schiele in opensuse-factory] -- To unsubscribe, e-mail: opensuse-web+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-web+owner@opensuse.org
Hi Christian, This is actually a known issue, and is only temporary. This is not because of Access Manager, per se, but the way in which we have to migrate. We are running Access Manager in "migration mode", in which you have to log into iChain before logging into Access Manager to retain SSO between the systems. In this situation, Access Manager requires you to be logged into iChain for its protected resources, but it's not necessarily true the other way around. You actually give the perfect example of this, which is the example that I gave to the project manager when describing this. When you log into Bugzilla, you are logged into iChain because that is what protects Bugzilla right now. When you then visit the wikis, Access Manager has no way to tell that you are supposed to be logged in until you hit a protected resource, forcing it to work through iChain. That's why merely hitting the "sign up" link logs you in. As you can see, the problem only applies in a specific circumstance (first logging into an iChain site, then visiting an AM site that's normally public but can accept headers for logged in users). As we continue to migrate sites to Access Manager, this will become less and less of an issue. For example, we are moving Bugzilla to AM in early January. When that is done, you will no longer see that problem with Bugzilla and the openSUSE sites. When the transition is done and we are out of migration mode, this will not be an issue for any sites. -Matt
Hello, Am Dienstag, 20. Dezember 2011 schrieb Matthew Ehle:
When the transition is done and we are out of migration mode, this will not be an issue for any sites.
That's good to know, thanks for explaining it! Regards, Christian Boltz --
-- To unsubscribe, e-mail: opensuse-web+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-web+owner@opensuse.org
participants (2)
-
Christian Boltz
-
Matthew Ehle