[drupal-devel] remote auth and required email/password fields

Mark mark at nullcraft.org
Thu Mar 17 01:20:49 UTC 2005 

Moshe Weitzman wrote:

>>> see  http://alec.bohemiandrive.com/perm/2005/02/18/distributed- 
>>> authentication for the vision of where we intend to go with this. 
>>> noone  has volunteered to code it yet.
>>
>>
>> Excellent read.  The only concerns I would have would be with sites 
>> that aren't located at or have access to the root of a domain (like 
>> http://example.com/~user/drupal/).  His suggestion was to make doc 
>> root level assumptions about the location of various config files and 
>> to use SSL for server-to-server communication, which might not be 
>> available everywhere.  I would think the encryption 
>> method/communication channel should be configurable and allow for 
>> minimum-security arrangements (assuming all site admins supported 
>> this).  This article definitely deserves its own thread, and from the 
>> looks of it, I missed out on that thread already :(
>>
>>>
>
> we really didn't discuss it much. AdrianR and I described it over 
> beers and Dries nodded in approval. Perhaps you will start a thread on 
> drupal.org about it. You bring up a couple legit issues. Perhaps we 
> can have a fallback mechanism where we try https and if that fails, we 
> use plain http ... i think the path thing is a non issue since all 
> drupal requests go to index.php. i see no problem with sites in 
> subdirectories, just like today.

The concern that I had was that there was no mention of allowing 
"username"@"example.com:8080/~user/drupal/" to be a valid username.  It 
seemed like "username"@"example.com" was the only format that would 
work.  Specifying the port may be outside of the normal scope, but 
definitely rooting the drupal install in a subdir is very common.

>
>> I'll have to look into this module.  I'm currently dreading the 
>> thought of using the ldap module to talk to an active directory 
>> server for various intranet sites :(
>>
> yeah, thats usually overkill. see webserver_auth.module as well. it is 
> very simple, yet powerful. it runs on my company's intranet.

Thanks!

More information about the drupal-devel mailing list