[Admin-discuss] Web Forums - Authentication and Security

Sean revenant at redbrick.dcu.ie
Fri Apr 23 22:17:49 IST 2010


Hi

As you may have heard, the committee are optioning installing a web based
forum for their users to use for discussing various topics, much like the
existing nntp based boards.

The type of forum will most likely be vBulletin, though PHPBB and SMF
haven't been completely written off.

The issue is how to manage user authentication.

The board will probably be going behind pubcookie. While this makes it less
convenient for the users, there are benefits of privacy and additional
security.

Two options were suggested for user management on the board itself.

The first would be to install a quick plug in to allow authentication from
though LDAP. User accounts would be created automatically. This seems
relatively straightforward, though it's potential insecurity has been
pointed out.

Another option suggested by a few people is to implement a Redbrick OpenID
provider and force the board to only accept redbrick openids. This sounds
kind of interesting to me.

Thoughts, advice, opinions?

Seán
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.redbrick.dcu.ie/pipermail/admin-discuss/attachments/20100423/af435d5e/attachment.htm 


More information about the Admin-discuss mailing list