FS#22131 - {archweb} Proposal on how to create one user database for all applications

Attached to Project: Arch Linux
Opened by Nico Schottelius (telmich) - Friday, 17 December 2010, 21:26 GMT
Last edited by Dan McGee (toofishes) - Wednesday, 12 December 2012, 03:47 GMT
Task Type Bug Report
Category Web Sites
Status Closed
Assigned To Dan McGee (toofishes)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 3
Private No

Details

Description:

This is a proposal on how a migration to one database for users could be done:

http://www.nico.schottelius.org/blog/archlinux-single-authentication-database/

This task depends upon

Closed by  Dan McGee (toofishes)
Wednesday, 12 December 2012, 03:47 GMT
Reason for closing:  Won't implement
Additional comments about closing:  This isn't happening.
Comment by Allan McRae (Allan) - Saturday, 18 December 2010, 01:47 GMT
Fix any collisions
* Define what a fix is: Delete or merge or rename or whatever

That is still the insurmountable obstacle... We can not just deleting/renaming accounts.
Comment by Nico Schottelius (telmich) - Saturday, 18 December 2010, 08:19 GMT
I'm wondering why. This happens (has happened) in almost every bigger organisation and is (from my point of view) just a simple problem. I assume that in most cases same usernames == same users.

In this case the only change that may happen to the user is that only of out of 4 passwords can be used in the migration.

In case of a conflict and the users are definitely different users (I assume those are only very little), one can either rename
one or for fairness reasons both accounts. One could even consider renaming using suffixes of the system, like telmich_bugtracker,
which also states the origin.

I understand that this is not beautiful, but neither is the current situation.

This may be a step that must be taken, if there should be one user database.
Comment by Allan McRae (Allan) - Saturday, 18 December 2010, 08:33 GMT
How do we know if the same username represents the same or different users? e.g. I have the same username, but different email addresses associated with some accounts.
Comment by Nico Schottelius (telmich) - Saturday, 18 December 2010, 09:10 GMT
Well, you can easily add some heuristics and in case of question the accounts are not the same.

I wouldn't investigate too much into this topic until it's clear how many conflicts are there, which cannot be resolved easily,
because of disjunct foreign keys (like realname, email, url, whatever).
Comment by Sergej Pupykin (sergej) - Monday, 18 April 2011, 11:04 GMT
btw, it looks like all except AUR somehow supports LDAP authentication
Comment by cfr (cfr42) - Thursday, 12 April 2012, 23:27 GMT
Is it that unusual to have conflicts? I've ended up with at least 3 user names because the one I used on the forums was taken everywhere else...
Comment by tim (sudokode) - Monday, 10 December 2012, 23:58 GMT
It seems like an easier solution is to go with a universally unique user ID, like an email address. Allow users to select and change usernames later on just like they would passwords. The usernames could just be aliases that are displayed, or they could be unique, but changeable. Could also set it up to allow multiple email addresses to be added to an account and have a default set for each service to accommodate people in Allan's situation. Perhaps this calls for one service to manage account information via the Arch website.

As for the transition, it would be easier with a service specifically available to manage accounts. Users could start creating new accounts with this system, then have the option to tie old accounts with the old authentication to their new accounts, thus importing the data.

How this will all work, I haven't the slightest idea, but I do agree that this seems like a reasonable request.

Loading...