On 1/4/11 12:51 PM, Platonides wrote:
I don't see how FS authentication is useful there. All authentication would be performed by mediawiki, with a master credential such as $wgDBpassword. MediaWiki shouldn't need to send the media server a user password!
Nobody said we'd be sending user passwords over to a media server. Most of the time, even regular MediaWiki servers don't need to see passwords. They just need some means to authenticate the session cookie.
But like I said we don't have very firm plans about how we would do authentication.
(NB sysops should be able to remove goatses from forum avatars...)
Yeah. Avatars can be tricky. Also to be pedantically correct you want to have some guard against impersonation (using same icon, and maybe adding unicode space characters or other trivial changes to username).