Changes between Version 1 and Version 2 of LdapSupport


Ignore:
Timestamp:
Apr 13, 2014, 12:45:11 PM (10 years ago)
Author:
davea
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • LdapSupport

    v1 v2  
    22
    33model
    4    an account can optionally have an "external authorizer", described by
     4   an account can optionally have an "external authorizer" (EA), described by
    55      authorizer type
    66         LDAP, OpenAuth
    77      authorizer URL
    88      authorizer account ID
     9
     10if user creates account using EA,
     11    they shouldn't be aware of a separate BOINC account
     12
     13if an account has an EA, user can remove it
     14    (after which they have to login with password)
     15
     16if an account doesn't have an EA, user can add it
     17
     18web login
     19    login form has "log in with LDAP" link
     20    handler:
     21        authorize account w/ LDAP server
     22        get back email, ID
     23        if acct w/ that email exists
     24            if authorizer info matches, OK
     25            else show error
     26                "a PROJECT account with that email address exists,
     27                but isn't configured to log in with LDAP.
     28                Please log in using email and PROJECT password."
     29        else
     30            create account
     31        if
    932
    1033database