[Mageia-sysadm] [LONG] sympa ( and web apps ) ldap authentication

Romain d'Alverny rdalverny at gmail.com
Thu Nov 25 21:23:14 CET 2010 

On Thu, Nov 25, 2010 at 20:54, Olivier Thauvin
<nanardon at nanardon.zarb.org> wrote:
> * Romain d'Alverny (rdalverny at gmail.com) wrote:
>> In this case, it may be that the cognitive effort to remember an email
>> address one already uses regularly is easier than the one to remember
>> a username that one may use only to authenticate (actually, that was
>> the hypothesis back at the time).
>
> It is possible to include in catdap a way to receive a reminder about
> users informations from a email.
>
> But the usage of email as login in my.mdv also make my life harder since
> I never remember which one of my 5 emails was used (the same issue apply
> on other website).

Well, had my.mandriva been completed, you could have registered your 5
emails addresses and authenticate using each of these (+ your unique
id). That was the point.

> The worst happend when I had to change my email
> address because it had to disappear.

I understand that. So we have two conflicting use cases (and it was to expect).

> User must be able to change their email address. Changing the login will
> probaby have side effect, so using email as login is probably a bad
> idea.

These are unrelated (or should, at least). It did not push any
blocking issue for the past 5 years we used it at Mandriva.

> We can ensure unicity of login on our side because we have full control,
> but nothing prevent to a company to give same email to several people,
> or to give a previously used email address to a new employee.
>
> If the account become important (sys admin, distrib manager), we then
> cannot ensure who receive the information we send.

Yes but this is true anyway. Nothing new here, and nothing different
whether we use email as an auth id or not.

Never mind. I was just trying to push the point that the identity/ldap
thing is not just for contributors/build system and should then be
open to more flexible use-cases (than just a frozen username/password
id/auth process). We'll get there with time I guess. Let's have the
thing running first.

Cheers,

Romain

More information about the Mageia-sysadm mailing list