<p dir="ltr">Should we clear Discourse for this? Or just roll with it?</p>
<p dir="ltr">Let's try having a dedicated time and date to switch systems over so that we can do it all at once.</p>
<p dir="ltr">Robert</p>
<div class="gmail_quote">On 22 Jan 2016 17:31, "Jean-Claude Vanier" <<a href="mailto:jclvanier@gmail.com">jclvanier@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">There is a dedicated LemonLdap page on the bbw ...<br>
I think we can try to connect discourse to the SSO system now.<br>
<br>
<br>
2016-01-22 22:22 GMT+01:00 Robert Xu <<a href="mailto:robxu9@gmail.com">robxu9@gmail.com</a>>:<br>
> Oh. I see it now - okay. We should document that somewhere...<br>
><br>
> Looks like we're more or less all set?<br>
><br>
> On 22 January 2016 at 14:38, Jean-Claude Vanier <<a href="mailto:jclvanier@gmail.com">jclvanier@gmail.com</a>> wrote:<br>
>> I guess here: "virtual hosts/<a href="http://manager.openmandriva.org/rules/default" rel="noreferrer" target="_blank">manager.openmandriva.org/rules/default</a>"<br>
>><br>
>> 2016-01-22 19:10 GMT+01:00 Robert Xu <<a href="mailto:robxu9@gmail.com">robxu9@gmail.com</a>>:<br>
>>> Oh, guess not - where are the rules declared for manager access, though?<br>
>>> I can't find them..<br>
>>><br>
>>> On 22 January 2016 at 12:58, Jean-Claude Vanier <<a href="mailto:jclvanier@gmail.com">jclvanier@gmail.com</a>> wrote:<br>
>>>> I don't understand. Who, beside the admins, can access the manager, curently ?<br>
>>>><br>
>>>> 2016-01-22 18:48 GMT+01:00 Robert Xu <<a href="mailto:robxu9@gmail.com">robxu9@gmail.com</a>>:<br>
>>>>> Umm... So I just checked - I think we're only checking if we're<br>
>>>>> authenticated, and if so, we're allowing everyone access to the<br>
>>>>> manager.<br>
>>>>><br>
>>>>> I think we should probably set some rule or something..<br>
>>>>><br>
>>>>> On 22 January 2016 at 12:34, Jean-Claude Vanier <<a href="mailto:jclvanier@gmail.com">jclvanier@gmail.com</a>> wrote:<br>
>>>>>> I'm not sure we can do it with lemonldap as a general rule. But it's<br>
>>>>>> easy with phpldapadmin.<br>
>>>>>> Btw, I have reorganized the bbw pages about SSO stuffs.<br>
>>>>>><br>
>>>>>> 2016-01-22 17:56 GMT+01:00 Robert Xu <<a href="mailto:robxu9@gmail.com">robxu9@gmail.com</a>>:<br>
>>>>>>> I forget how lemonldap determines who is an admin and who isn't..<br>
>>>>>>><br>
>>>>>>> On 22 Jan 2016 10:35, "Jean-Claude Vanier" <<a href="mailto:jclvanier@gmail.com">jclvanier@gmail.com</a>> wrote:<br>
>>>>>>>><br>
>>>>>>>> On one hand, even if manager has a dns set, a non logged user<br>
>>>>>>>> attempting to open it is redirected to auth and a logged user without<br>
>>>>>>>> admin permission get a frightening black page.<br>
>>>>>>>> On the other hand, manager will be seldom used, so a simple record in<br>
>>>>>>>> one's /etc/host can be enough.<br>
>>>>>>>> I have no strong opinion on this matter.<br>
>>>>>>>><br>
>>>>>>>> 2016-01-22 15:27 GMT+01:00 Robert Xu <<a href="mailto:robxu9@gmail.com">robxu9@gmail.com</a>>:<br>
>>>>>>>> > Careful - we don't want anyone accessing the manager; only those who are<br>
>>>>>>>> > proxied into Jasper or Ruby.<br>
>>>><br>
>>>> _______________________________________________<br>
>>>> OM-Infra mailing list<br>
>>>> <a href="mailto:OM-Infra@ml.openmandriva.org">OM-Infra@ml.openmandriva.org</a><br>
>>>> <a href="http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org" rel="noreferrer" target="_blank">http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org</a><br>
>>><br>
>>><br>
>>><br>
>>> --<br>
>>> cheers, Robert :: <a href="http://github.com/robxu9" rel="noreferrer" target="_blank">github.com/robxu9</a><br>
>>><br>
>>> _______________________________________________<br>
>>> OM-Infra mailing list<br>
>>> <a href="mailto:OM-Infra@ml.openmandriva.org">OM-Infra@ml.openmandriva.org</a><br>
>>> <a href="http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org" rel="noreferrer" target="_blank">http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org</a><br>
>><br>
>> _______________________________________________<br>
>> OM-Infra mailing list<br>
>> <a href="mailto:OM-Infra@ml.openmandriva.org">OM-Infra@ml.openmandriva.org</a><br>
>> <a href="http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org" rel="noreferrer" target="_blank">http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org</a><br>
><br>
><br>
><br>
> --<br>
> cheers, Robert :: <a href="http://github.com/robxu9" rel="noreferrer" target="_blank">github.com/robxu9</a><br>
><br>
> _______________________________________________<br>
> OM-Infra mailing list<br>
> <a href="mailto:OM-Infra@ml.openmandriva.org">OM-Infra@ml.openmandriva.org</a><br>
> <a href="http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org" rel="noreferrer" target="_blank">http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org</a><br>
<br>
_______________________________________________<br>
OM-Infra mailing list<br>
<a href="mailto:OM-Infra@ml.openmandriva.org">OM-Infra@ml.openmandriva.org</a><br>
<a href="http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org" rel="noreferrer" target="_blank">http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org</a><br>
</blockquote></div>