Index: openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html,v diff -u -r1.40.2.11 -r1.40.2.12 --- openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html 23 Jun 2016 08:32:45 -0000 1.40.2.11 +++ openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html 3 Oct 2016 09:17:51 -0000 1.40.2.12 @@ -310,7 +310,7 @@ nice real-time collaboration feature frequently requested by members of the community. This is particularly interesting when integrated with a chat or instant messaging service like -Jabber.

What I'm concretely suggesting is that we keep a record of +Jabber.

What I'm concretely suggesting is that we keep a record of which authenticated users have requested pags on the site in the last x minutes (typically about 5), and thus are considered to be currently online. There's nothing more to it. This lets us display @@ -340,7 +340,7 @@ Authenticating against multiple servers simultaneously

FeatureStatusDescription
EXT-AUTH-36
EXT-AUTH-36AAuthenticate against multiple servers

Both OKI and OpenACS supports a form of stacking, where you can be logged into multiple authorities at the same time. This is useful if, for example, you need to get login tokens such as -Kerberos tickets for access to shared resources.

I can see the value in this, but for simplicity's sake, I'm +Kerberos tickets for access to shared resources.

I can see the value in this, but for simplicity's sake, I'm in favor of keeping this use-case out of the loop until we have someone with a real requirement who could help us guide development.

For now, OpenACS is still more of an integrated suite, it @@ -358,7 +358,7 @@ PAM level, so we don't have to write them all ourselves. The downside is that we can't do things like account creation, password management, real-time account synchronization, etc., not supported - by PAM (I'm not entirely sure what is and is not + by PAM (I'm not entirely sure what is and is not supported).

  • RADIUS

  • LDAP

  • RADIUS

    RADIUS is a simple username/password-type authentication server.

    It also supports sending a challenge to which the user must respond with the proper answer (e.g. mother's maiden name, or could