[Biojava-dev] Wiki status
Spencer Bliven
spencer.bliven at gmail.com
Fri Mar 11 16:08:28 UTC 2016
I spent the day upgrading the BioJava wiki and trying to get OpenID Connect
to work. It was probably a mistake to start this on a Friday, as I'm forced
to leave it in read-only mode for the moment.
Completed:
- Updated to MediaWiki 1.26. This should prevent further exploits.
- Updated some plugins (but not all)
Partially Working:
- Installed the OpenId Connect and got it working with Google.
Not working:
- New accounts are created for all OpenId Connect users. I haven't found a
way to specify username or other account info (it has some options for
generating usernames based on your Google account). New accounts do not
link to previous accounts, so all permissions are reset.
- Previous OpenID providers like Yahoo do not work, since they don't
support OpenID Connect. I'll look into whether the OpenId plugin is
compatible with the Connect.
- The update only worked for biojava.org. Upgrading major versions often
requires modifying LocalSettings.php, so the previous scheme of modifying
cross-site-stuff and hoping all the sites magically still work seems naive
to me. I think all the sites would be better off being independent (also
better security).
- Many plugins
The site currently has password logins, but is read-only to prevent the
inevitable deluge of spam.
Poll:
Would it be acceptable to require a google account for login?
Would it be acceptable to abandon all the existing users and make everyone
create a new one?
-Spencer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.open-bio.org/pipermail/biojava-dev/attachments/20160311/42ef6f3c/attachment.html>
More information about the biojava-dev
mailing list