[TYPO3-typo3org] just a quick idea // authentification & authorisation & openid // oath server

Steffen Gebert steffen.gebert at typo3.org
Fri Apr 5 08:03:56 CEST 2013


Hi Olivier,

I agree that the SSO solution is far from optimal. In my dreams we have
an LDAP directory.

Nevertheless, I personally see no capacity for such a monster project
(however, a project which I would really support and welcome).

Some topics which force me to think:
- What's a stable LDAP solution for our beloved TYPO3 CMS? One which
works without synchronization? Is there any?
- How to implement groups/projects, which are currently managed by
Redmine? Having them in LDAP would be a second, but important, step I think.

SimpleSAML mentioned by Thomas sounds like a really nice addition to
that, as I'm sure that most of the applications don't offer an OAuth
integration, thus relying on only OAuth would force us to change from
custom SSO adapters to custom OAuth adapters.

(AFAIK) none of us (=Server Team) has very deep LDAP knowledge. We have
one at our department, so I have basic knowledge. But when it comes to
HA setup (which we are running), I fear that we need far more knowledge
to sleep well (we're running a well working setup at University since ~5
years with one crash, where a split-brain happens and the older state

Things like that make me really afraid to kick that project off,
although I see the benefit of it. We could think about that, if we have
some experienced people from the community supporting us (IMHO), but I
don't know, what the rest of the team thinks.

Kind regards

-- 
Steffen Gebert
TYPO3 Server Administration Team Member

TYPO3 .... inspiring people to share!
Get involved: http://typo3.org

I work for TYPO3 solely in my spare time. If you think that
my work helps you running your business, you are invited to
send me a donation via PayPal to this email address. Thanks

On 4/4/13 10:16 PM, Olivier Dobberkau wrote:
> Thomas suggests using simplesaml
> https://twitter.com/tom_noise/status/319893927882805249
> @T3RevNeverEnd at our office we are using LDAP with simplsaml as
> openid/oath server
> http://simplesamlphp.org/


More information about the TYPO3-team-typo3org mailing list