I recall one of the required features of any CMS for the Docs project is integration with FAS. Is this something that is going to require customization, or does FAS use some kind of a standard interface or protocol, such as LDAP or OpenID or the like?
________________________________________________________________________
Basil Mohamed Gohar abu_hurayrah@hidayahonline.org www.basilgohar.com
On Sat, Jan 24, 2009 at 06:56:20AM +0800, Basil Mohamed Gohar wrote:
I recall one of the required features of any CMS for the Docs project is integration with FAS. Is this something that is going to require customization, or does FAS use some kind of a standard interface or protocol, such as LDAP or OpenID or the like?
FAS does have an OpenID interface where the user can authenticate through http://fasname.id.fedoraproject.org/.
On Fri, Jan 23, 2009 at 3:56 PM, Basil Mohamed Gohar abu_hurayrah@hidayahonline.org wrote:
I recall one of the required features of any CMS for the Docs project is integration with FAS. Is this something that is going to require customization, or does FAS use some kind of a standard interface or protocol, such as LDAP or OpenID or the like?
They do, at least in python, Fedora Client fits the bill.
http://lmacken.fedorapeople.org/python-fedora/client.html
Clint
Basil Mohamed Gohar wrote:
I recall one of the required features of any CMS for the Docs project is integration with FAS. Is this something that is going to require customization, or does FAS use some kind of a standard interface or protocol, such as LDAP or OpenID or the like?
There is an OpenID provider in FAS. The problem is that openid can only do authentication, not authorization. If we want to store group information in FAS (and we do... but it may or may not be essential) then we need to go beyond OpenID.
FAS provides a JSON API for people to query. That's how mediawiki and the TG web applications work. koji and the actual servers on which fedora infrastructure runs are synced from the fas server on an hourly cron job.
If possible, using the JSON API is the way to go.
-Toshio
On Fri, 2009-01-23 at 15:37 -0800, Toshio Kuratomi wrote:
There is an OpenID provider in FAS. The problem is that openid can only do authentication, not authorization. If we want to store group information in FAS (and we do... but it may or may not be essential) then we need to go beyond OpenID.
FAS provides a JSON API for people to query. That's how mediawiki and the TG web applications work. koji and the actual servers on which fedora infrastructure runs are synced from the fas server on an hourly cron job.
If possible, using the JSON API is the way to go.
So FAS does its own authorization & authentication, rather than using another system to which we can plug in?
________________________________________________________________________
Basil Mohamed Gohar abu_hurayrah@hidayahonline.org www.basilgohar.com
Basil Mohamed Gohar wrote:
On Fri, 2009-01-23 at 15:37 -0800, Toshio Kuratomi wrote:
There is an OpenID provider in FAS. The problem is that openid can only do authentication, not authorization. If we want to store group information in FAS (and we do... but it may or may not be essential) then we need to go beyond OpenID.
FAS provides a JSON API for people to query. That's how mediawiki and the TG web applications work. koji and the actual servers on which fedora infrastructure runs are synced from the fas server on an hourly cron job.
If possible, using the JSON API is the way to go.
So FAS does its own authorization & authentication, rather than using another system to which we can plug in?
Right. FAS == Fedora Account System. It's the canonical place for all account information. Things that need authentication and authorization are supposed to get the data from it.
-Toshio
docs@lists.stg.fedoraproject.org