Thread: RE: [Rainbowportal-devel] User nickname
Brought to you by:
danijel_kecman,
manudea
From: Mark M. <mar...@ar...> - 2003-04-28 12:20:48
|
One of the 'bad' original design decisions in IBS, and inherited by Rainbow, is to store "CreatedBy" as a text string in every module database table. When we implement row-level security for a table, e.g. let users edit only discussion posts they made themselves, we need a 100% reliable way to match a users current credentials with whatever text is stored in "CreatedBy" This creates problems if nicknames or email addresses change and these are what are stored in the database. A better solution is to change all modules to use a UniqueID for each user, and then you can do a lookup to get a friendly name for display, or an authentication check can be made on the unique ID - (remember this needs to work on Windows Authentication deployments as well). We could today change all modules to identify "CreatedBy" using a unique userID, but then how do we convert existing databases? There is also a performance hit in this, i.e. when displaying large tables with "CreatedBy" you are doing a joined-lookup for every single row rather than just blasting out another text field. Please think through the implications of current deployments before changing the behavior of "CreatedBy" in every database table. As for the discussions, it would be possible to change the code in DiscusionDB.cs to display most anything you want for the user name, i.e. you could get the "CreatedBy" text from the database field, and then try to 'find' the user, and then use their nickname or some other User table field. Mark -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Cory Isakson Sent: Monday, April 28, 2003 7:26 AM To: rai...@li... Subject: Re: [Rainbowportal-devel] User nickname Ender, The nickname idea is excellent, but I do have 1 thing that should be considered in the implementation. If you chose "superman" as your nickname and become popular with that nickname then I may also want to use it to pretend to be you in discussions. You don't want to force unique nicknames because then you end up with names like coll23.1 and nonsense like that. My thought would be to also create a unique integer ID for each user and then use that along with the nickname. ##_nickname. Just add it to the nickname when saving it and strip it off when the user is changing the nickname and re-add it on update. That way it is part of the field value, but the user cannot remove it and it will force uniqueness and allow me to change my nickname. The number will be my true identity. Those are my thoughts on it. Cory Isakson cis...@ya... ----- Original Message ----- From: "Ender Malkoc" <end...@ya...> To: <rai...@li...> Sent: Friday, April 25, 2003 9:23 AM Subject: [Rainbowportal-devel] User nickname > Guys, > > We have been using e-mail as user identification method for Rainbow. > I actually like this mechanism as they are guaranteed to be unique and > people > don't have any problem with forgeting it. > But I hit a major obstactle with this. None of my users using my site > want > their e-mail to be displayed when they participate in discussions > because it is > a public website. Or I can't enable the "Show Created by" feature again > for the > same reason. Basically there are two reasons for this. One privacy; > they don't > want just anyone be able to see their e-mail. Two Spam bots: There are > bots > which surf the internet to find e-mails to spam. > To resolve this issue, we need to enforce user to pick a unique > nickname at > the time of registration and use this field instead of e-mail throught > the > system. > Of course using nicknames should be optional as it doesn't make sense > for > some sites. What I am envisioning is this: > 1. Add a site setting "Login User Identifier" with two options > "Email" and > "Nickname". This is what they will enter in the Login box. > 2. Add a site setting "Display User Identifier" with two options > "Email" > and "Nickname". This is what will be displayed in Discussions, Created > by. etc. > 3. If both is selected to be Email, Nickname won't be shown in > registration. > 4. Email will always be shown and required. > 5. If Nickname is selected for any of the two, it will be required > and > enforced to be unique. > 6. If user doesn't have a nickname (if settings are changed after > having > users) he will be shown as "Anonymous User" > > Let me know if there is anything I missed. If noone have any problem > with it I want to make this change soon. So please provide feedback as > soon as possible. > > Sorry for the long e-mail > > Ender > > __________________________________________________ > Do you Yahoo!? > The New Yahoo! Search - Faster. Easier. Bingo http://search.yahoo.com > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Rainbowportal-devel mailing list > Rai...@li... > https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel > ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel |
From: Mark M. <mar...@ar...> - 2003-04-29 05:23:24
|
I haven't gone through the latest Rainbow code for Windows authentication, but I do need: - the ability for domain users to be able to do things like subscribe to a newslist and set other user properties, e.g. nickname if they like. I don't think that in the windows authentication mode we should ignore the SQL users table, we just don't use that table to authenticate users, but otherwise the behavior between forms and windows authentication would be identical (I haven't thought through this completely yet). I am not suggesting that Windows users must register, but they should be able to use other 'my profile' features like mail list subscriptions, nicknames, ... Actually, I think repetitive UserId lookups to get a 'friendly name' for every discussion thread in the domain scenario can be very expensive, particularly if you have a flat domain model with 50,000 users like my company. In the forms auth. Mode, you don't really need to ever delete a user, they can just be deactivated. This would avoid future problems where a userId lookup couldn't' find the user. In the windows auth mode this may still be a problem. Mark -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Cory Isakson Sent: Tuesday, April 29, 2003 6:09 AM To: rai...@li... Subject: Re: [Rainbowportal-devel] User nickname Rainbow and Windows nicknames. When using Windows nicknames you would simply use the persons loginID. DOMAIN\username. This is essentially the same as using Email address with Forms authentication. Windows users never register and never have any special nicknames or anything like that. I seem to remember someone asking about registration for Windows users, but for most cases I do not think that is good or necessary. Windows authentication implies an Intranet where everyone is typically more known anyhow. Cory Isakson ----- Original Message ----- From: "Ender Malkoc" <end...@ya...> To: <rai...@li...> Sent: Monday, April 28, 2003 9:02 AM Subject: RE: [Rainbowportal-devel] User nickname > Mark, > > Very good point. I thought about this and ideally, I would like to > store UserId instead of CreatedBy. CreatedBy defeats the most basic > database normalization rules. Performance won't be a big issue; Joins > on primary keys > are cheap unless you have million records. And we should even be able > to import > existing databases with a basic e-mail lookup. One of my concerns was > the > deleted users. But I think you can display "Deleted User" for them. But > I am > not very clear on how Rb handles windows authentication. If you keep > your user > info in LDAP, I am sure you don't want to lookup nicknames for > everysingle > person in your discussion forum. > > Ender ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel |
From: Geert A. <gee...@sy...> - 2003-04-29 06:30:39
|
This is not a very big problem to solve. If a windows user first accesses the site one can create a copy of its data in the persistence model. This way there isn't even any difference in programming with the different user kinds. The only difference is situated in how the user registers him. Greetz, Geert ******************* Geert Audenaert Syntegra, creating winners in the digital economy +32 2 247 92 20 - check us out at www.syntegra.be ******************* -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Mark McFarlane Sent: dinsdag 29 april 2003 7:24 To: rai...@li... Subject: RE: [Rainbowportal-devel] User nickname I haven't gone through the latest Rainbow code for Windows authentication, but I do need: - the ability for domain users to be able to do things like subscribe to a newslist and set other user properties, e.g. nickname if they like. I don't think that in the windows authentication mode we should ignore the SQL users table, we just don't use that table to authenticate users, but otherwise the behavior between forms and windows authentication would be identical (I haven't thought through this completely yet). I am not suggesting that Windows users must register, but they should be able to use other 'my profile' features like mail list subscriptions, nicknames, ... Actually, I think repetitive UserId lookups to get a 'friendly name' for every discussion thread in the domain scenario can be very expensive, particularly if you have a flat domain model with 50,000 users like my company. In the forms auth. Mode, you don't really need to ever delete a user, they can just be deactivated. This would avoid future problems where a userId lookup couldn't' find the user. In the windows auth mode this may still be a problem. Mark -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Cory Isakson Sent: Tuesday, April 29, 2003 6:09 AM To: rai...@li... Subject: Re: [Rainbowportal-devel] User nickname Rainbow and Windows nicknames. When using Windows nicknames you would simply use the persons loginID. DOMAIN\username. This is essentially the same as using Email address with Forms authentication. Windows users never register and never have any special nicknames or anything like that. I seem to remember someone asking about registration for Windows users, but for most cases I do not think that is good or necessary. Windows authentication implies an Intranet where everyone is typically more known anyhow. Cory Isakson ----- Original Message ----- From: "Ender Malkoc" <end...@ya...> To: <rai...@li...> Sent: Monday, April 28, 2003 9:02 AM Subject: RE: [Rainbowportal-devel] User nickname > Mark, > > Very good point. I thought about this and ideally, I would like to > store UserId instead of CreatedBy. CreatedBy defeats the most basic > database normalization rules. Performance won't be a big issue; Joins > on primary keys > are cheap unless you have million records. And we should even be able > to import > existing databases with a basic e-mail lookup. One of my concerns was > the > deleted users. But I think you can display "Deleted User" for them. But > I am > not very clear on how Rb handles windows authentication. If you keep > your user > info in LDAP, I am sure you don't want to lookup nicknames for > everysingle > person in your discussion forum. > > Ender ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel |
From: Ender M. <end...@ya...> - 2003-04-29 15:14:47
|
I think ideal solution would be to have a user repository interface. Previously proposed security model (roles, groups, users) can be accomplished both by database and AD. So you should be able to select the implementation of your repository. Having said that, I think this is a very time consuming task. So for now I would suggest copying Windows users data to User table during initial visit. This way users can set Rainbow specific attributes (subscribtion etc). We really don't need to worry about UserId lookups. I work for an investment bank and we have tables with more than million records. We can return 200+ records with 2 lookups (each lookup table is over million records) under a second. Looking up on a primary key field is very very efficient and that is what databases are optimized for. Plus don't forget that your module will be cached. --- Mark McFarlane <mar...@ar...> wrote: > I haven't gone through the latest Rainbow code for Windows > authentication, but I do need: > > - the ability for domain users to be able to do things like subscribe to > a newslist and set other user properties, e.g. nickname if they like. > > I don't think that in the windows authentication mode we should ignore > the SQL users table, we just don't use that table to authenticate users, > but otherwise the behavior between forms and windows authentication > would be identical (I haven't thought through this completely yet). > > I am not suggesting that Windows users must register, but they should be > able to use other 'my profile' features like mail list subscriptions, > nicknames, ... > > Actually, I think repetitive UserId lookups to get a 'friendly name' for > every discussion thread in the domain scenario can be very expensive, > particularly if you have a flat domain model with 50,000 users like my > company. > > In the forms auth. Mode, you don't really need to ever delete a user, > they can just be deactivated. This would avoid future problems where a > userId lookup couldn't' find the user. In the windows auth mode this > may still be a problem. > > Mark > -----Original Message----- > From: rai...@li... > [mailto:rai...@li...] On Behalf Of > Cory Isakson > Sent: Tuesday, April 29, 2003 6:09 AM > To: rai...@li... > Subject: Re: [Rainbowportal-devel] User nickname > > > Rainbow and Windows nicknames. > > When using Windows nicknames you would simply use the persons loginID. > DOMAIN\username. This is essentially the same as using Email address > with Forms authentication. Windows users never register and never have > any special nicknames or anything like that. I seem to remember someone > asking about registration for Windows users, but for most cases I do not > think that is good or necessary. Windows authentication implies an > Intranet where everyone is typically more known anyhow. > > Cory Isakson > > ----- Original Message ----- > From: "Ender Malkoc" <end...@ya...> > To: <rai...@li...> > Sent: Monday, April 28, 2003 9:02 AM > Subject: RE: [Rainbowportal-devel] User nickname > > > > Mark, > > > > Very good point. I thought about this and ideally, I would like to > > store UserId instead of CreatedBy. CreatedBy defeats the most basic > > database normalization rules. Performance won't be a big issue; Joins > > on primary keys > > are cheap unless you have million records. And we should even be able > > to import > > existing databases with a basic e-mail lookup. One of my concerns was > > the > > deleted users. But I think you can display "Deleted User" for them. > But > > I am > > not very clear on how Rb handles windows authentication. If you keep > > your user > > info in LDAP, I am sure you don't want to lookup nicknames for > > everysingle > > person in your discussion forum. > > > > Ender > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf _______________________________________________ > Rainbowportal-devel mailing list > Rai...@li... > https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Rainbowportal-devel mailing list > Rai...@li... > https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com |
From: Mark M. <mar...@ar...> - 2003-04-29 07:15:17
|
Gert, I'm not clear what you are proposing. Exactly which user properties do you suggest we copy into SQL the first time a windows authenticated user connects? Of course, certainly we would always continue to authenticate with the domain and not use the SQL repository. -----Original Message----- From: Geert Audenaert [mailto:gee...@sy...] Sent: Tuesday, April 29, 2003 9:31 AM To: 'Mark McFarlane'; rai...@li... Subject: RE: [Rainbowportal-devel] User nickname This is not a very big problem to solve. If a windows user first accesses the site one can create a copy of its data in the persistence model. This way there isn't even any difference in programming with the different user kinds. The only difference is situated in how the user registers him. Greetz, Geert ******************* Geert Audenaert Syntegra, creating winners in the digital economy +32 2 247 92 20 - check us out at www.syntegra.be ******************* -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Mark McFarlane Sent: dinsdag 29 april 2003 7:24 To: rai...@li... Subject: RE: [Rainbowportal-devel] User nickname I haven't gone through the latest Rainbow code for Windows authentication, but I do need: - the ability for domain users to be able to do things like subscribe to a newslist and set other user properties, e.g. nickname if they like. I don't think that in the windows authentication mode we should ignore the SQL users table, we just don't use that table to authenticate users, but otherwise the behavior between forms and windows authentication would be identical (I haven't thought through this completely yet). I am not suggesting that Windows users must register, but they should be able to use other 'my profile' features like mail list subscriptions, nicknames, ... Actually, I think repetitive UserId lookups to get a 'friendly name' for every discussion thread in the domain scenario can be very expensive, particularly if you have a flat domain model with 50,000 users like my company. In the forms auth. Mode, you don't really need to ever delete a user, they can just be deactivated. This would avoid future problems where a userId lookup couldn't' find the user. In the windows auth mode this may still be a problem. Mark -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Cory Isakson Sent: Tuesday, April 29, 2003 6:09 AM To: rai...@li... Subject: Re: [Rainbowportal-devel] User nickname Rainbow and Windows nicknames. When using Windows nicknames you would simply use the persons loginID. DOMAIN\username. This is essentially the same as using Email address with Forms authentication. Windows users never register and never have any special nicknames or anything like that. I seem to remember someone asking about registration for Windows users, but for most cases I do not think that is good or necessary. Windows authentication implies an Intranet where everyone is typically more known anyhow. Cory Isakson ----- Original Message ----- From: "Ender Malkoc" <end...@ya...> To: <rai...@li...> Sent: Monday, April 28, 2003 9:02 AM Subject: RE: [Rainbowportal-devel] User nickname > Mark, > > Very good point. I thought about this and ideally, I would like to > store UserId instead of CreatedBy. CreatedBy defeats the most basic > database normalization rules. Performance won't be a big issue; Joins > on primary keys > are cheap unless you have million records. And we should even be able > to import > existing databases with a basic e-mail lookup. One of my concerns was > the > deleted users. But I think you can display "Deleted User" for them. But > I am > not very clear on how Rb handles windows authentication. If you keep > your user info in LDAP, I am sure you don't want to lookup nicknames > for everysingle > person in your discussion forum. > > Ender ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel |
From: Geert A. <gee...@sy...> - 2003-04-29 07:48:33
|
In case of windows authentication off course we use the domain to verify user credentials, but this does not mean that we can't store his email-address, name, etc in the rainbow persistence model, along with other properties of his profile. The active directory of Microsoft is not really designed for fast searching and extending with custom properties. Colleagues of me, are doiing just the same in their php portal solution, witk great success. Greetz, Geert ******************* Geert Audenaert Syntegra, creating winners in the digital economy +32 2 247 92 20 - check us out at www.syntegra.be ******************* -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Mark McFarlane Sent: dinsdag 29 april 2003 9:16 To: rai...@li... Subject: RE: [Rainbowportal-devel] User nickname Gert, I'm not clear what you are proposing. Exactly which user properties do you suggest we copy into SQL the first time a windows authenticated user connects? Of course, certainly we would always continue to authenticate with the domain and not use the SQL repository. -----Original Message----- From: Geert Audenaert [mailto:gee...@sy...] Sent: Tuesday, April 29, 2003 9:31 AM To: 'Mark McFarlane'; rai...@li... Subject: RE: [Rainbowportal-devel] User nickname This is not a very big problem to solve. If a windows user first accesses the site one can create a copy of its data in the persistence model. This way there isn't even any difference in programming with the different user kinds. The only difference is situated in how the user registers him. Greetz, Geert ******************* Geert Audenaert Syntegra, creating winners in the digital economy +32 2 247 92 20 - check us out at www.syntegra.be ******************* -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Mark McFarlane Sent: dinsdag 29 april 2003 7:24 To: rai...@li... Subject: RE: [Rainbowportal-devel] User nickname I haven't gone through the latest Rainbow code for Windows authentication, but I do need: - the ability for domain users to be able to do things like subscribe to a newslist and set other user properties, e.g. nickname if they like. I don't think that in the windows authentication mode we should ignore the SQL users table, we just don't use that table to authenticate users, but otherwise the behavior between forms and windows authentication would be identical (I haven't thought through this completely yet). I am not suggesting that Windows users must register, but they should be able to use other 'my profile' features like mail list subscriptions, nicknames, ... Actually, I think repetitive UserId lookups to get a 'friendly name' for every discussion thread in the domain scenario can be very expensive, particularly if you have a flat domain model with 50,000 users like my company. In the forms auth. Mode, you don't really need to ever delete a user, they can just be deactivated. This would avoid future problems where a userId lookup couldn't' find the user. In the windows auth mode this may still be a problem. Mark -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Cory Isakson Sent: Tuesday, April 29, 2003 6:09 AM To: rai...@li... Subject: Re: [Rainbowportal-devel] User nickname Rainbow and Windows nicknames. When using Windows nicknames you would simply use the persons loginID. DOMAIN\username. This is essentially the same as using Email address with Forms authentication. Windows users never register and never have any special nicknames or anything like that. I seem to remember someone asking about registration for Windows users, but for most cases I do not think that is good or necessary. Windows authentication implies an Intranet where everyone is typically more known anyhow. Cory Isakson ----- Original Message ----- From: "Ender Malkoc" <end...@ya...> To: <rai...@li...> Sent: Monday, April 28, 2003 9:02 AM Subject: RE: [Rainbowportal-devel] User nickname > Mark, > > Very good point. I thought about this and ideally, I would like to > store UserId instead of CreatedBy. CreatedBy defeats the most basic > database normalization rules. Performance won't be a big issue; Joins > on primary keys > are cheap unless you have million records. And we should even be able > to import > existing databases with a basic e-mail lookup. One of my concerns was > the > deleted users. But I think you can display "Deleted User" for them. But > I am > not very clear on how Rb handles windows authentication. If you keep > your user info in LDAP, I am sure you don't want to lookup nicknames > for everysingle > person in your discussion forum. > > Ender ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel |
From: Ender M. <end...@ya...> - 2003-04-28 15:02:34
|
Mark, Very good point. I thought about this and ideally, I would like to store UserId instead of CreatedBy. CreatedBy defeats the most basic database normalization rules. Performance won't be a big issue; Joins on primary keys are cheap unless you have million records. And we should even be able to import existing databases with a basic e-mail lookup. One of my concerns was the deleted users. But I think you can display "Deleted User" for them. But I am not very clear on how Rb handles windows authentication. If you keep your user info in LDAP, I am sure you don't want to lookup nicknames for everysingle person in your discussion forum. Ender --- Mark McFarlane <mar...@ar...> wrote: > > One of the 'bad' original design decisions in IBS, and inherited by > Rainbow, is to store "CreatedBy" as a text string in every module > database table. > > When we implement row-level security for a table, e.g. let users edit > only discussion posts they made themselves, we need a 100% reliable way > to match a users current credentials with whatever text is stored in > "CreatedBy" > > This creates problems if nicknames or email addresses change and these > are what are stored in the database. A better solution is to change all > modules to use a UniqueID for each user, and then you can do a lookup to > get a friendly name for display, or an authentication check can be made > on the unique ID - (remember this needs to work on Windows > Authentication deployments as well). > > We could today change all modules to identify "CreatedBy" using a unique > userID, but then how do we convert existing databases? There is also a > performance hit in this, i.e. when displaying large tables with > "CreatedBy" you are doing a joined-lookup for every single row rather > than just blasting out another text field. > > Please think through the implications of current deployments before > changing the behavior of "CreatedBy" in every database table. > > As for the discussions, it would be possible to change the code in > DiscusionDB.cs to display most anything you want for the user name, i.e. > you could get the "CreatedBy" text from the database field, and then try > to 'find' the user, and then use their nickname or some other User table > field. > > Mark > > -----Original Message----- > From: rai...@li... > [mailto:rai...@li...] On Behalf Of > Cory Isakson > Sent: Monday, April 28, 2003 7:26 AM > To: rai...@li... > Subject: Re: [Rainbowportal-devel] User nickname > > > Ender, > > The nickname idea is excellent, but I do have 1 thing that should be > considered in the implementation. If you chose "superman" as your > nickname and become popular with that nickname then I may also want to > use it to pretend to be you in discussions. You don't want to force > unique nicknames because then you end up with names like coll23.1 and > nonsense like that. My thought would be to also create a unique integer > ID for each user and then use that along with the nickname. > ##_nickname. Just add it to the nickname when saving it and strip it > off when the user is changing the nickname and re-add it on update. > That way it is part of the field value, but the user cannot remove it > and it will force uniqueness and allow me to change my nickname. The > number will be my true identity. > > Those are my thoughts on it. > > Cory Isakson > cis...@ya... > > ----- Original Message ----- > From: "Ender Malkoc" <end...@ya...> > To: <rai...@li...> > Sent: Friday, April 25, 2003 9:23 AM > Subject: [Rainbowportal-devel] User nickname > > > > Guys, > > > > We have been using e-mail as user identification method for Rainbow. > > > I actually like this mechanism as they are guaranteed to be unique and > > people > > don't have any problem with forgeting it. > > But I hit a major obstactle with this. None of my users using my > site > > want > > their e-mail to be displayed when they participate in discussions > > because it is > > a public website. Or I can't enable the "Show Created by" feature > again > > for the > > same reason. Basically there are two reasons for this. One privacy; > > they don't > > want just anyone be able to see their e-mail. Two Spam bots: There are > > bots > > which surf the internet to find e-mails to spam. > > To resolve this issue, we need to enforce user to pick a unique > > nickname at > > the time of registration and use this field instead of e-mail throught > > the > > system. > > Of course using nicknames should be optional as it doesn't make > sense > > for > > some sites. What I am envisioning is this: > > 1. Add a site setting "Login User Identifier" with two options > > "Email" and > > "Nickname". This is what they will enter in the Login box. > > 2. Add a site setting "Display User Identifier" with two options > > "Email" > > and "Nickname". This is what will be displayed in Discussions, Created > > by. etc. > > 3. If both is selected to be Email, Nickname won't be shown in > > registration. > > 4. Email will always be shown and required. > > 5. If Nickname is selected for any of the two, it will be required > > and > > enforced to be unique. > > 6. If user doesn't have a nickname (if settings are changed after > > having > > users) he will be shown as "Anonymous User" > > > > Let me know if there is anything I missed. If noone have any problem > > > with it I want to make this change soon. So please provide feedback as > > > soon as possible. > > > > Sorry for the long e-mail > > > > Ender > > > > __________________________________________________ > > Do you Yahoo!? > > The New Yahoo! Search - Faster. Easier. Bingo http://search.yahoo.com > > > > > > ------------------------------------------------------- > > This sf.net email is sponsored by:ThinkGeek > > Welcome to geek heaven. > > http://thinkgeek.com/sf > > _______________________________________________ > > Rainbowportal-devel mailing list > > Rai...@li... > > https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel > > > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Rainbowportal-devel mailing list > Rai...@li... > https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Rainbowportal-devel mailing list > Rai...@li... > https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel __________________________________ Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. http://search.yahoo.com |
From: Cory I. <cis...@ya...> - 2003-04-29 03:08:42
|
Rainbow and Windows nicknames. When using Windows nicknames you would simply use the persons loginID. DOMAIN\username. This is essentially the same as using Email address with Forms authentication. Windows users never register and never have any special nicknames or anything like that. I seem to remember someone asking about registration for Windows users, but for most cases I do not think that is good or necessary. Windows authentication implies an Intranet where everyone is typically more known anyhow. Cory Isakson ----- Original Message ----- From: "Ender Malkoc" <end...@ya...> To: <rai...@li...> Sent: Monday, April 28, 2003 9:02 AM Subject: RE: [Rainbowportal-devel] User nickname > Mark, > > Very good point. I thought about this and ideally, I would like to > store > UserId instead of CreatedBy. CreatedBy defeats the most basic database > normalization rules. Performance won't be a big issue; Joins on primary > keys > are cheap unless you have million records. And we should even be able > to import > existing databases with a basic e-mail lookup. One of my concerns was > the > deleted users. But I think you can display "Deleted User" for them. But > I am > not very clear on how Rb handles windows authentication. If you keep > your user > info in LDAP, I am sure you don't want to lookup nicknames for > everysingle > person in your discussion forum. > > Ender |