The primary vision I had with this RFC was to separate the idea of a
MediaWiki user and an external authentication provider.
In other words, an individual is logging in as a local user, and that
user may be associated with one or more external "users". Each external
user is linked via a provider that can authenticate the external user's
credentials and give the users' groups from the authorization provider.
The reason behind this separation is to allow a bit more abstraction
between the local authentication layer and the actual verification of
credentials.
Regards,
--
Tyler Romeo
On 2/27/15 08:57, Legoktm wrote:
Hi!
Anomie, bd808, CSteipp, and myself have been working on updating Tyler's
previous AuthStack RfC:
<https://www.mediawiki.org/wiki/Requests_for_comment/AuthManager>.
Our goal is to build an authentication system that is flexible enough to
support the variety of usecases that MW currently supports and those it
should support in the future, without requiring tons of hooks or ugly hacks.
Please leave comments and feedback on the talk page :)
Thanks!
-- Legoktm
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l