[LON-CAPA-dev] Shibbolith
Guy Albertelli II
lon-capa-dev@mail.lon-capa.org
Thu, 17 Nov 2005 15:09:09 -0500 (EST)
Hi Mark,
> As our recent kerberos issues get resolved (it was actually a DNS
> problem), I've been told that the system people would really prefer that
> we use Shibbolith (sp?), which has been adopted by a number of
> universities in our state, for authentication.
>
> (1) Any thoughts on the matter?
Our university has thretened use with the same idea. :-)
> (2) Presumably, this can be done with local authentication.
I sure hope so since you can basically do whatever you want in there.
> (3) This might also be implemented as a larger scale solution (more like
> kerberos) if it is thought to be a global enough system.
Possibly, although I really am liking the 'local authentication'
mechanism alot.
I am leaning towards shiping a more comprehensive localauth.pm module
that has a bunch of common mechanisms in it. And then one can pick
which mechanism gets used through the use of the 'argument' to the
auth.
For example:
a user with
local:shibbolith -> would use localauth and tell it to use
the shibbolith mechanism
local:krb6:msu_edu -> would use the kerberos 6 mechanism
etc for ldap ...
--
guy@albertelli.com 0-7-2-0-27,137