MUniversity of Minnesota

September 16, 2003

So far ...

So far, so good. Bill has been working on setting up our x.500 system as the authentication method of choice for users to both create a blog and log into the MT system. MT blogs are created kind of uniquely in that MT expects the user to first create the web directories that will hold the blog site proper. In other words, before a user can create a blog, they must first create the directories on their web server that will host the blog that everyone sees. The must also give those directories the right permissions so that MT can write to them. What we are trying to do is automate that step so that the necessary directories are created on the fly.

Of course, it's not really as simple as that. MT is actually a pretty complex piece of coding. However, we have to take out this complexity so the most novice of user can easily create his or her own blog. Here is what we envision:

  1. The user is asked for their x.500 Internet ID and Password
  2. Upon authentication and authorization the system looks to see if the user has already created a blog. If so, they are passed into the administration interface for that blog.
  3. If a blog has not been created for that user they are passed to another interface that asks them:
    1. What do you want to name your blog?
    2. What do you want to name the directory for your blog?
  4. The system then takes this information and:
    1. Creates the main web directory for the blog
    2. Creates the archives directory for the blog
    3. Creates the initial database entry for the blog in the MT MySQL database including the necessary configuration information
    4. Creates the user information in the MT MySQL database including the right permissions to access and modify their newly created blog
  5. The user is then forwarded to the main menu screen of MT where he or she can begin modifying the blog.

Sounds easy, right? Yes and no. The x.500 authentication is proving to be a little more sticky then expected due to the fact that every transaction within the admin module for MT essentially reauthenticates a person. What Bill has to do is figure out how to force the MT system to use x.500 (or the Central Auth. Hub) rather than MT's built in authentication system. I think he's on the right track, though.

Posted by snackeru at September 16, 2003 04:00 PM