Menu
▾
▴
Re: [Bodington-developers] SP testing on wiki
|
From: Sean M. <se...@sm...> - 2006-07-05 18:52:09
|
well, we are pretty much the bod community, minus any lurkers who are using it without our knowledge. Who knows. Seems there are Danes using GX in anger without telling us, so it is possible. However, it is not right to do somethign retrograde in terms of ease of use, functionality, etc. It needs to be right on principle or we abandon the concept of community source in bod..... s <quote who=3D"Alistair Young"> >> why is it so much work to change that behaviour, so that normal users >> login via /site/ and Shibb users via /xyz/? > spot on - that's the goal, shibb users go in via /xyz - I can't say > how much work that is but until it's there bod can't be advertised as > an sp. Taking over the /site for shibb users and shunting normal > users to /opensite is not going to go down well with the bod community. > > Alistair > > > On 5 Jul 2006, at 14:24, Colin Tatham wrote: > >> Alistair Young wrote: >>>> different login route for Shibb isn't as good as a Shunnel(!) >>> >>> they're the same! a shunnel (cringe) is just another route into an >>> app via shibb. In this case it's a different url, /site/ >>> bs_template_shibb_login.html or something. >> >> I thought a shunnel (AY cringes) was a single page where users have >> to choose the login method, i.e. >> at the *same* URL as any other login point... >> >>> the issue is that the SP is too "invasive" for normal use. It can't >>> be used in a production bod as when it's turned on, all users must >>> login via it or via /opensite and when it's turned off they have to >>> revert to using the normal login in /site. >> >> Yes, I understand that, but why is it so much work to change that >> behaviour, so that normal users >> login via /site/ and Shibb users via /xyz/? Then, whether it's >> turned on or off makes no diff to >> normal users... >> >>> The code can stay in head and won't delay 2.8. >> >> OK, I though someone had suggested that it had to be removed... >> >>> What will delay 2.8 is >>> waiting for a shibb url to be implemented so that bod can be >>> advertised as an sp in 2.8 >>> >>> Alistair >>> >>> >>> On 5 Jul 2006, at 13:58, Colin Tatham wrote: >>> >>> >>>> Although I agree with most of what you say (I think) it doesn't >>>> seem to address what I was >>>> suggesting/asking? (Maybe it wasn't supposed to :-) ) >>>> >>>> 1) Can the SP bit be turned off by default, or re-configured so >>>> that the *Shibb* route is via a >>>> different URL? >>>> 2) Is the SP code already in HEAD? >>>> >>>> Although I agree having a different login route for Shibb isn't as >>>> good as a Shunnel(!) releasing >>>> 2.8 with different URL Shibb is better than not including it at >>>> all, especially if we have to take >>>> the code out of HEAD? >>>> >>>> Colin >>>> >>>> Alistair Young wrote: >>>> >>>>> Let me clarify first, that the issue is with bod itself, not with >>>>> what Atif has produced as a shibb module. I suspect the hand of >>>>> politics involved and as we all know, developers are it's servants. >>>>> >>>>> It would seem that local demands have impinged upon the gx >>>>> philosophy >>>>> of minimal disruption. e.g. the bod IdP runs without normal users' >>>>> knowledge and the SP should do the same. We, the gx project as a >>>>> whole, could have caught this earlier if we'd known about it but we >>>>> didn't so we couldn't. As the gx project is not about custom coding >>>>> to local demands then I would say it's fair to ask Atif or someone >>>>> Leeds can nominate to remove the implications of those local >>>>> demands >>>>> and bring bod in line with the minimal philosophy. >>>>> >>>>> This means providing a separate shibb route into bod. We've seen it >>>>> before with webauth etc so it's possible and is arguably the way it >>>>> should have been. >>>>> >>>>> As it stands, it's unacceptable to change the way an institution's >>>>> users work just so that a feature of the vle can be tested. When >>>>> opening your vle to shibbed users means inconveniencing your own >>>>> users, then we have failed. It's bad practice and bad publicity >>>>> that >>>>> will only harm bod in the long run. >>>>> >>>>> The Guanxi and SOCKET projects enjoy a symbiotic relationship so >>>>> let's not disturb that. Instead, let's find a way out of this >>>>> that is >>>>> benficial to all concerned. Whether that means subcontracting to >>>>> someone who knows enough about bod to implement this is a matter >>>>> for >>>>> discussion. >>>>> >>>>> Indeed, we know of someone who is currently available and is fresh >>>>> from testing bod and has some shibb knowledge to boot ;) >>>>> >>>>> Alistair >>>>> >>>>> >>>>> On 5 Jul 2006, at 12:57, Colin Tatham wrote: >>>>> >>>>> >>>>> >>>>>> Sean Mehan wrote: >>>>>> >>>>>> >>>>>>> well, what it does mean is that >>>>>>> >>>>>>> 1) GX isn't done, still; >>>>>>> 2) 2.8 will ship with no SP support unless we delay the 2.8 >>>>>>> release >>>>>>> for an indeterminate amount of time. >>>>>> >>>>>> Are the problems with the SP that bad that we remove it for 2.8? >>>>>> I think the main one is the fact that you can't use the same login >>>>>> route for Shibb and normal Bod >>>>>> auth (and the fact that sysadmin has to go via /opensite/). If >>>>>> it's >>>>>> possible to release it with the >>>>>> SP stuff turned off, it will work as normal, and if people want to >>>>>> test the SP, they follow some >>>>>> short instructions to enable it (and find out that they have to >>>>>> now >>>>>> login via /opensite/ as sysadmin)? >>>>>> >>>>>> Colin >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> If it is the case that we still haven't finished GX (with the >>>>>>> SP in >>>>>>> bod being a component of that), then, I suppose that we are >>>>>>> beholden >>>>>>> to Leeds to find the time for >>>>>>> their current project, which is still giving them money, in >>>>>>> order to >>>>>>> complete a project for which they received all of their money >>>>>>> some >>>>>>> time ago. >>>>>>> >>>>>>> As for 2, all things being equal, its a ++2 from me to ship >>>>>>> Bod 2.8 >>>>>>> with no SP support. >>>>>>> >>>>>>> s >>>>>>> >>>>>>> >>>>>>> On 5 Jul 2006, at 12:13, Alistair Young wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>>> nae probs wee man! >>>>>>>> >>>>>>>> On 5 Jul 2006, at 12:16, Atif Suleman wrote: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> Thanks Alistair for the feedback: >>>>>>>>> http://www.bodington.org/wiki/index.php? >>>>>>>>> title=3DTestRel2.8#Shibboleth_Functionality >>>>>>>>> >>>>>>>>> Any work on bodington-sp will have to wait until Socket >>>>>>>>> project is >>>>>>>>> finished at the end of the month. >>>>>>>>> >>>>>>>>> Ta >>>>>>>>> Atif. >>>>>>>>> >>>>>>>>> >>>>>>>>> Sean Mehan wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> On the SP side, Atif, can you fix the things Al has found >>>>>>>>>> there, >>>>>>>>>> including the documentation? We really need the SP to work >>>>>>>>>> as a >>>>>>>>>> final >>>>>>>>>> output for GX. >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> S >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On 5 Jul 2006, at 10:38, Alistair Young wrote: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> I've updated the testing page: >>>>>>>>>>> http://www.bodington.org/wiki/index.php? >>>>>>>>>>> title=3DTestRel2.8#Shibboleth_Functionality >>>>>>>>>>> >>>>>>>>>>> Good work Atif on the sp module but bod itself just isn't >>>>>>>>>>> ready >>>>>>>>>>> to be >>>>>>>>>>> an sp IMHO. >>>>>>>>>>> >>>>>>>>>>> Alistair >>>>>>>>>>> >>>>>> >>>>>> -- >>>>>> ____________________________________ >>>>>> Colin Tatham >>>>>> VLE Team >>>>>> Oxford University Computing Services >>>>>> >>>>>> http://www.oucs.ox.ac.uk/ltg/vle/ >>>>>> http://bodington.org >> -- >> ____________________________________ >> Colin Tatham >> VLE Team >> Oxford University Computing Services >> >> http://www.oucs.ox.ac.uk/ltg/vle/ >> http://bodington.org >> >> Using Tomcat but need to do more? Need to support web services, >> security? >> Get stuff done quickly with pre-integrated technology to make your >> job easier >> Download IBM WebSphere Application Server v.1.0.1 based on Apache >> Geronimo >> http://sel.as-us.falkag.net/sel? >> cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D121642 >> _______________________________________________ >> Bodington-developers mailing list >> Bod...@li... >> https://lists.sourceforge.net/lists/listinfo/bodington-developers > > > Using Tomcat but need to do more? Need to support web services, securit= y? > Get stuff done quickly with pre-integrated technology to make your job > easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geron= imo > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat= =3D121642 > _______________________________________________ > Bodington-developers mailing list > Bod...@li... > https://lists.sourceforge.net/lists/listinfo/bodington-developers > --=20 Sean Mehan Head of e-Frameworks Learning and Information Services UHI |
