[WF-Infra] Re: [WF-General] We need a members database

Bryce Harrington bryce at neptune.net
Wed Oct 3 10:51:06 PDT 2001


On Wed, 3 Oct 2001, Philippe Jadin wrote:
> Hello,
> 
> 
> The subject says it all I guess. What do we currently have ? What could
> we use "worldforge-wide" ?
> 
> We'd need something that would be usefull outside of zope, so we can't
> keep the current zope user folders.
> 
> I vote for a mysql database with users informations, and MysqlUserFolder
> under zope to use the same data for website authentification. 
> 
> Is it a good idea to use mysql for other projects as well ? Or maybe
> ldap ?

I agree with all the above statements, and in fact I know of something
which will provide all of these needs, and more.

At OSDL, I implemented a ticket-based user management system using
Apache::AuthTicket and built atop mysql which I think would provide
what's needed.  It's implemented as an apache module that uses mysql (or
another database) and registered at Apache's authentication layer, so
it's pretty much transparent to the application - Apache will pass the
authenticated username to the web app, which can look up additional
information out of the database if it wishes.  What it does is generate
an expirable encrypted cookie that is sent to the client; the client can
then access any of the machines in the domain, using this cookie as the
"ticket" in.  When the ticket expires, the user is redirected to the
ticket server to re-enter their username and password.  

I have this system up and running at OSDL, with the account signup,
random password generation, password change, login, and administrative
forms set up, implemented in Eidetic, an application that we're already
modifying for use at WorldForge.  At OSDL we're using it for tracking
associates signup and personal information, and will be expanded to
allow tracking (via Request Tracker) of projects people are members of,
integrate it with request tracker so users can tie in their
bugs/tasklists/battleplans etc. onto their userpage, tie it in with the
automated code testing systems, and associate it with the event
tracker/scheduler which will be used for setting up meetings, scheduling
resources (or games), and so forth.  I'm even pushing to get Atlas
support added (we just need to have an Atlas-Perl codec written, which
should be a straightforward task); with Atlas, then we can tie the
system together with STAGE for importing/exporting player accounts,
creatures/items/entities, and any other game content that would be worth
editing from the web.  We're in the process of making Eidetic able to
work with Postgresql (so that db might be a better choice for this
application).  Once that is completed, we're going to shoot for getting
the meeting scheduler set up (the code other than the db is done.)

Oh, and at OSDL we've also discussed LDAP integration, too, but haven't
worked on it yet.  So if someone here is interested in working on adding
that into Eidetic, I think we'd love to see it and would certainly try
to use and support development of it.

Whew.  Anyway, to sum up - I think we'd get the best bang for the buck
by doing the members database via Eidetic, with the data stored either
in Postgresql (preference) or mysql, and with authentication controlled
via Apache::AuthTicket.  If Zope can be made to handle this sort of
setup, then I think it'd open a *lot* of potential.  Think it can be
done? 

Bryce




More information about the Infra mailing list