Community
Participate
Working Groups
The blogs site was recently tweaked to use the Eclipse Site Login [1] instead of a local Bugzilla auth, and I think we should do the same for wiki. - this will move us one step closer to a single sign-on - we can also tweak the 'local' wiki users table to link to the Bugzilla ID instead of the email address, like I did with blogs. This would fix bug 211909.
I think we ought to modify the code of the login site so that once you login it redirects you back to the page where you came from, which would really help with the usability of the login page for different targets (wiki, blogs, etc). Also, if we're doing a single login scenario, is there a reason we shouldn't have it use committer credentials as well (a la Portal)? One of my ideas for fixing our Bugzilla<->committer login mismatches is to have the login page have the possibility of tying accounts together by Bugzilla ID right when you log in. If you login with BZ credentials and it doesn't have a committer account tied to this BZ ID (not email address), it prompts you to login again with committer credentials. If you decline, it marks in a table that this ID is not a committer. If you go ahead and do it, then it stores it and doesn't bug you again. We could have another page you come back to in order to modify that if you want. By getting both logins at the same time you guarantee it's the same person and you don't have to have matching email addresses.
(In reply to comment #1) > redirects you back to the page where you came from The code already does that. Is it not working for you? It may not necessarily work reliably in the case of the blogs site, as the site login must redirect you to the Wordpress login, so I have 2 levels of redirections. Anyway, give it a try and open a bug if you find a test case that doesn't work. > Also, if we're doing a single login scenario, is there a reason we shouldn't > have it use committer credentials as well (a la Portal)? That's just confusing. If I'm a committer, which one do I use? All commttiers must have a bugzilla account anyway. We had (have?) problems with committers logging into the portal using BZ creds and not seeing the committer's view.
(In reply to comment #2) > It may not necessarily work reliably in the case of the blogs site, as the site > login must redirect you to the Wordpress login, so I have 2 levels of > redirections. Yeah, it doesn't work with the blogs site. > > Also, if we're doing a single login scenario, is there a reason we shouldn't > > have it use committer credentials as well (a la Portal)? > > That's just confusing. If I'm a committer, which one do I use? All commttiers > must have a bugzilla account anyway. We had (have?) problems with committers > logging into the portal using BZ creds and not seeing the committer's view. That's only confusing because people are using Bugzilla logins that don't match their committer address. That's why I suggested part 2 of my comment above.
(In reply to comment #3) > Yeah, it doesn't work with the blogs site. Can you add your comments to bug 257675? I was on the blogs site this morning to post a comment on a blog, I hit the login button, logged in, then was redirected to the right blog post. So it does work, but I think it's not working with all the use cases. I may simply be too intimate with it all to figure it out.
I'm approaching completion on this except: > - we can also tweak the 'local' wiki users table to link to the Bugzilla ID > instead of the email address, like I did with blogs. This would fix bug > 211909. Not as easy as I would have hoped. I can embed the Bugzilla ID inside a wiki option, but I'd have to set up a cron job to monitor (and update) changed emails from Bugzilla. Not as pretty as I'd like.
Making this depend on bug 257675. If the Wiki uses the Site login, that needs to be fixed.
This was pushed live.
woot!
