Wireshark-dev: Re: [Wireshark-dev] Git + Gerrit: next steps

From: Gerald Combs <gerald@xxxxxxxxxxxxx>
Date: Mon, 06 Jan 2014 14:35:23 -0800
On 1/2/14 6:36 AM, Joerg Mayer wrote:
> On Wed, Jan 01, 2014 at 02:11:43PM -0800, Gerald Combs wrote:
>> I was able to shoehorn openid-selector
>> (http://code.google.com/p/openid-selector/) into the login page on
>> test.code.wireshark.org. If you have an account at one of the top
>> providers listed at http://meta.stackoverflow.com/a/147872/139350
>> (including Stack Exchange itself) logging in should be trivial.
> 
> Technically I do have a launchpad account, so I could use that.
> My core issue is that I don't want to provide any of these entities
> with information about when I do Wireshark work.

I've been trying to come up with a response that's less awful than "find
an OpenID provider you trust or set up your own" but so far I've been
unsuccessful.

Gerrit supports several authentication methods (OpenID, LDAP, and HTTP)
but each one seems to assume that you have an existing account
somewhere. I.e. if we switch to LDAP or HTTP authentication the account
will have to be created and managed elsewhere.

The wiki and blog should both be able to act as providers in theory but
failed in practice. MoinMoin's provider code scans the entire user
database at least once for each page load. Enabling it on
wiki.wireshark.org immediately slows the system to a crawl. Wordpress'
OpenID provider doesn't seem to generate valid output. Neither Gerrit
nor Stack Exchange recognized it.

I'll keep looking for options.