[Systems] CAS auth for SL sites

[Aleksey Lim]

Hi all,

Starting up Bazaar (patched OBS), I had to add some auth method (existed
were just adding new users by an admin and auth method used bu Novel on
build.opensuse.org). I've setup CAS server [1].

I think it would be good to have [in addition to OpenID, at least] a
common login infrastructure for passwords based SL service sauch as
bazaar.sl.o, git.sl.o, activities.sl.o, bugs.sl.o, wiki.sl.o.

Current scheme is using wiki (at present, wiki-devel.sl.o) as a passwords
db because we need a web UI to let people create/change accounts. Bazaar
is already works, and also added CAS to new gitorious (hope to have
progress in setting up new VM for it). ASLO will be switched to CAS
while moving to new AMO code base, I'm planing to do that while working
on ASLO integration w/ Bazaar, this sucrose release cycle. I guess there
shouldn't be problems w/ wiki and trac as well.

If everybody agree we can:

* revert creating passwords based accounts on wiki
* integrate gitorious users db with wiki's one
* point wiki and git to CAS
* integrate other services when CAS support will be added

Future plans. Sacha works on ssl cert based auth method for
passwords-less login. I guess adding CAS (which might be useful right
now) will only help w/ further integration.

[1] http://wiki.sugarlabs.org/go/Service/cas

-- 
Aleksey