RE: [xdi] [wiki] Editor names

["Sakimura, Nat" <n-sakimura@nri.co.jp>]

It is time to consider SAML/XRI SSO :-)

Sorry, I could not resist...

Nat Sakimura
=sakimura 

-----Original Message-----
From: Rob Figenbaum [mailto:rob.figenbaum@oasis-open.org] 
Sent: Wednesday, July 06, 2005 11:42 PM
To: Barnhill William
Cc: mary.mcrae@oasis-open.org; Drummond Reed; xdi@lists.oasis-open.org
Subject: Re: [xdi] [wiki] Editor names

Thanks William, but I do not think this will work for us. I will give a
brief explanation of what we are doing and why  your solution probably
will not work.

1. We currently have MoinMoin using HTTP authentication off of our Kavi
user database. When we create a TC's wiki we configure the farm.conf,
farmconfig.py, create wikiname.py and a wikiname subdirectory. 
Configuring these files allows us to bounce the HTTP authentication off
of the Kavi TC member database in real time.

2.  It looks like you created the "barnhilw" profile manually and we can
not maintain a separate Moin user table. As stated in step 1 we need to
bounce the user authentication off of the TC/user table in Kavi. This
ensures that only the TC's members have write/edit permissions. This
solution also would not scale well as more TC's have wiki's.

Our optimum solution would be to not create any users in MoinMoin. We
just want to pass the REMOTE_USER info to MoinMoin's visible logs. I say
visible because we can pass the REMOTE_USER to the logs but all visible
references seem to need user.id instead of the name. This entry is from
the edit-log under a wiki, note Jamie's name.

1120162215000000        00000003        SAVE    StaffInfoArch
67.20.95.201
ca-simival-cuda2-c3b-201.snbrca.adelphia.net    jamieclark

This next best thing would be to have HTTP_auth automatically create an
account in the MoinMoin which we have been partially successful with. We
can get HTTP_auth to create the account which creates the user.id, which
subsequently fully populates the editor field and log files. But, we
fail if no username is entered. The OASIS staff wiki is needs
authentication for any access and this method works fine for the staff
page. It works because we always are passing the HTTP_auth info.
But it does not work on sites that allow all to read. For example, the
XDI site's current set up is, one only enters the username when one is
ready to post. There is no HTTP_auth session for readers because we only
limit on post. Well, MoinMoin and python error out when the username =
none which is the result of not having the HTTP_auth session.

Complicated, yes!!

Call me at 978-667-5115 x205 if you have any questions.

Barnhill William wrote:

>
> Rob,
>
> Got editor names working:
> .. Editing only allowed after apache authentication .. Name of 
> authenticated user (if profile exists) is displayed in revision 
> history .. After apache authentication of user with MoinMoin profile 
> the MoinMoin profile is logged in
>
> A rough HowTo is on the Communitivity wiki:
>    
> http://wiki.communitivity.com/HowToCombineApacheAuthAndMoinUserNames
>
> You can also give it a test on there. There are two users, barnhilw
> (pw:excalibur) and dummy (pw: test).  barnhilw has a MoinMoin profile 
> created, dummy does not.
>
> Feel free to add any suggestions at the end of the how-to page under 
> the 'Still to do' bullet.
>
> Bill
>
> -----Original Message-----
> From: Rob Figenbaum [mailto:rob.figenbaum@oasis-open.org]
> Sent: Tue 7/5/2005 9:43 AM
> To: mary.mcrae@oasis-open.org
> Cc: 'Drummond Reed'; Barnhill William; xdi@lists.oasis-open.org
> Subject: Re: [xdi] [wiki] Editor names
>
> I will be more than happy to turn it on. Mary was correct, we did not 
> know it was turned off. I will try and get to this sometime in the 
> next day or two.
>
> Darn holidays and vacation puts me behind.
>
> Mary McRae wrote:
>
> > Hi Drummond,
> > Rob has signed on to the xdi list for the time being, so we're both 
> > here :-) I would suggest that you directly cc me on any 
> > communication specifically related to the wiki to be sure I don't 
> > miss it and can track it. I didn't realize that the rename function 
> > was turned off; my guess is that it just wasn't turned on :-) Rob is

> > out until Tuesday so I'll compile a list of requests until then.
> > Thanks!
> > Mary
> >
> >     
> ----------------------------------------------------------------------
> --
> >     *From:* Drummond Reed [mailto:drummond.reed@cordance.net]
> >     *Sent:* Thursday, June 30, 2005 5:49 PM
> >     *To:* 'Barnhill William'; xdi@lists.oasis-open.org
> >     *Cc:* mary.mcrae@oasis-open.org
> >     *Subject:* RE: [xdi] [wiki] Editor names
> >
> >     Mary,
> >
> >     See this message from Bill Barnhill. Let us know who else we
> >     should be directing these wiki questions to.
> >
> >     Also, I noticed something - the "Rename Page" function is turned
> >     off. This is one of the most useful new functions in MoinMoin,
> >     that can save hours of time on large wikis. Is there any reason
it
> >     can't be turned on?
> >
> >     =Drummond
> >
> >     
> ----------------------------------------------------------------------
> --
> >
> >     *From:* Barnhill William [mailto:barnhill_william@bah.com]
> >     *Sent:* Thursday, June 30, 2005 7:53 AM
> >     *To:* xdi@lists.oasis-open.org
> >     *Subject:* [xdi] [wiki] Editor names
> >
> >     Is there any way we could have the Wiki track who edited pages
by
> >     the authenticated user name? The info's in the GET headers, at
the
> >     worst it would seem to require a simple Moin-Moin plugin, and at
> >     best (and I suspect more likely) someone's already figured out
how
> >     to do this.
> >
> >     I personally use this as a reference to see who to ask if I have
> >     questions, and also if I know a particular person is working on
> >     something I can just look for their name on recent changes.
> >
> >     Thanks in advance,
> >
> >     Bill Barnhill
> >
> >     Senior Consultant (XML, Emerging Technologies, Web Services, 
> > Java)
> >
> >     Booz | Allen | Hamilton
> >
> >     mailto:barnhill_william@bah.com
> >
> >     phone:+1.315.330.7386
> >
>
> --
> Rob Figenbaum
> Manager of Technology Services
> OASIS
> 978-667-5115 x205
>
>

--
Rob Figenbaum
Manager of Technology Services
OASIS
978-667-5115 x205