Index: openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html,v diff -u -r1.40.2.14 -r1.40.2.15 --- openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html 6 Jan 2017 09:18:41 -0000 1.40.2.14 +++ openacs-4/packages/acs-core-docs/www/ext-auth-requirements.html 21 Apr 2017 15:07:52 -0000 1.40.2.15 @@ -117,7 +117,7 @@ the "local" authority, meaning we'll authenticate as normal using the local users table. This will, just like any other authority, be implemetned using a service contract.
Feature | Status | Description |
---|---|---|
Synchronizing and linking users | ||
EXT-AUTH-28 | A | Create service contract for Batch Sync. |
EXT-AUTH-38 | A | Batch User Synchronization API |
EXT-AUTH-38 | A | IMS Synchronization driver |
EXT-AUTH-08 | A | Automation of batch Synchronization |
EXT-AUTH-15 | B | On-demand syncronization |
Regardless of the login method, the user needs to have a row +and Linking Users
Feature | Status | Description |
---|---|---|
Synchronizing and linking users | ||
EXT-AUTH-28 | A | Create service contract for Batch Sync. |
EXT-AUTH-38 | A | Batch User Synchronization API |
EXT-AUTH-38 | A | IMS Synchronization driver |
EXT-AUTH-08 | A | Automation of batch Synchronization |
EXT-AUTH-15 | B | On-demand synchronization |
Regardless of the login method, the user needs to have a row in the OpenACS users table. This can happen through a batch job, in real-time, or both in combination. We use the IMS Enterprise 1.1 specification.
Batch job means that we do a synchronization (import new users, modify changed, purge deleted) on a regular interval, e.g. @@ -221,7 +221,7 @@ site configured to expire people's login after e.g. 2, 4, or 8 hours.
The other advantage is that we can still offer certain functionality to you, even when your login is not trusted. For -example, we could let you browse publically available forums, and +example, we could let you browse publicly available forums, and only when you want to post do you need to log in. This makes it even more feasible to have a more secure login expiration setting.
By default, auth::require_login
would