[Fedora-infrastructure-list] AccountSystem2 updated
Mike McGrath
mmcgrath at fedoraproject.org
Fri Jul 7 15:05:27 UTC 2006
Tom Lynema wrote:
> The AccountSystem2 wiki page has been updated with the discussion that occurred today.
> http://fedoraproject.org/wiki/Infrastructure/AccountSystem2
>
>
> ~lyz
I have a few wants to add to the list.
1) I'd like, as much as possible, updates to replicate immediately.
This may end up being more the way our end apps communicate with the
accounting system. I know an hour isn't long to wait in most cases but
it would be nice, and probably have a better design, to have most of our
apps contact the database or LDAP backend or whatever to get their
information instead of having scripts run all the time. For many of our
web apps this is already being done to a degree. There's a small tweak
we need to make to the db or I need to take a closer look at mod_auth_pgsql.
2) a documented API in major supported languages.
3) History/Rollback functions. With so many trusted people working on
different parts of the system I think this is necessary. Maybe not for
version 1 but somewhere.
4) encrypted passwords
5) More focus on 'key' based access when appropriate.
Comments on LDAP:
I think that whether we use LDAP or don't use LDAP we'll end up using
some sort of database back end for many things. This seems fairly
typical to me. OTRS and Cacti, for example, have full support for LDAP
while maintaining their own database backends using the LDAP username or
email address as the unique identifier to link LDAP to the db. Our
accounting system could do something similar though groups, keys, user
info and passwords can all be stored in LDAP.
-Mike
More information about the infrastructure
mailing list