On 16/08/16 10:30, Fabian Arrotin wrote: > For existing resources within centos.org that we deployed before ACO was > available, those were configured to use their built-in users DB. So we > can invest time to see which are the possibilities to be tied to ACO but > it needs at least some glue, like for example token/oauth. Actually, ACO > on its own can't do that (nor is "ldap" compatible) so we need to setup > something in between (like what's done for the Fedora project) to do > that, like either ipsilon (https://ipsilon-project.org/) or keycloak > (http://www.keycloak.org/) prolly worth looking at keycloak once > But the remaining issue would then be to have *everybody* signing > through ACO to get an account that will match with each deployed > applications (like MantisBT for bugs.centos.org and so on). So you can > imagine the impact Would we not be able to rehash the user accounts from bugs.centos.org over to a.c.o ? and send them all a reminder to set a new password ? -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc