[insight]Non FAS Login

Paul W. Frields stickster at gmail.com
Wed Jun 8 12:35:25 UTC 2011 

On Wed, Jun 08, 2011 at 08:54:19AM +0530, Hiemanshu Sharma wrote:
> Most of you know my GSoC project is on Fedora Events System and I am
> slowly getting started with it right now (Darned exams kept me out
> for a long time). Now when a new event is created anyone can attend
> it and register online for it. Well for first timers we don't really
> expect them to have FAS accounts so I would like to allow login via
> OpenID, twitter and/or Facebook which allows access to only a
> specific part of the site (they can register for events, comment on
> posts and vote for bar camps events). What are your thoughts on
> this?

I think it makes perfect sense for your project to accept all these
other authentication types.  Authentication via FAS should not be a
requirement or blocker.

Having said that, what you'll find is that the AuthFAS plugin I wrote
is extremely lightweight and "plays well with others."  It's no
different than these other types, except that it offers the additional
feature of mapping a FAS group to a specific Drupal role.  That means
that if you end up using roles to assign permission levels for
different types of users, you can manage them through FAS if desired.

Now if I remember correctly, the AuthFAS module actually allows
validation of a login even if there's no FAS account.  See line 320
here:
  http://git.fedorahosted.org/git/?p=drupal6-authfas.git;a=blob;f=authfas.module

The question is whether other validation methods like OpenID are each
consulted in turn as part of the user_login_authentication_validation
function's normal performance.  I admit I haven't tested that because
it wasn't a design criterion for our system.

What I suggest is that you install the AuthFAS plugin and see how well
it plays with these other validation options.  If it doesn't work
well, I'd like to know about it so I can improve the module.  In a
Fedora instance of your events system, we'd certainly like people to
be able to register/login via FAS but that shouldn't be the only
option.  So it's up to us to fix drupal6-authfas so that would work
properly, if needed.


-- 
Paul W. Frields                                http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
  http://redhat.com/   -  -  -  -   http://pfrields.fedorapeople.org/
Red Hat Summit/JBossWorld -- Register now!  http://.theredhatsummit.com

More information about the logistics mailing list