« Bloglines Web Servic... | Main | New box arrives, old... »

Roller 0.9.9.5 status

I've been working on the Roller user management and login code for over a week now. I just committed a bunch of changes. Here is a summary of my progress in this area:

  • HTTPS for login only: Roller can now be configured to force logins to happen over HTTPS, while the rest of the UI remains on HTTP. I did this by using Jon Lipsky's SecureTag from AppFuse to force the login page to HTTPS and then later to force the UI back to HTTP.

  • Editor/Admin UI URL improvements: Editor pages under /editor, admin under /admin. This makes it easier to setup security constraints for editor and admin roles. This was a sweeping change that affected almost all Struts actions in the editor/admin UI.

  • Admin role: admin users are no longer specified in the Roller config, instead they have the admin role. The user-admin page now allows you grant and revoke this role and there is a command-line utility for doing the same.
  • Allow admins to create new users: admins can now create new users through the editor/admin UI, even if new user registration is off.

  • Encrypted passwords: Roller can now be configured for encrypted passwords and a utility exists for converting Roller from an unencrypted setup to an encrypted one.

  • Confirmation passwords: all password prompts now ask for password to be entered twice for confirmation.

  • Unit tests with HSQLDB: Added a couple of Ant tasks and so that the Roller build script can start, init, and stop HSQLDB as needed during unit testing. Also added Ant targets so that you can start, init, and stop HSQLDB when you run are running unit tests directly from your IDE.

Apart from bug fixes the only thing holding Roller 0.9.9.5 back now is comment spam. I need to add some form of comment authentication and introduce some better tools for comment spam removal.

Dave Johnson in Roller Comments [3]
Tags: Roller

Comments:

I just build and deployed from CVS to http://roller.vandermolen.net. First thing I saw is an actionforward issue on the Main page. After creating a new user, more seemed to go wrong: could create a new entry, which appears on the main page, but when going to the actual weblog I get an empty page (see Dick's test log, login dick/dick). Hope to take a better look tomorrow (stack traces, etc.)

Posted by Jaap on October 05, 2004 at 06:05 PM EDT #

It would be really cool to be able to get Roller to easily use LDAP for its users and authentication.

Posted by Katherine Lim on October 09, 2004 at 12:54 AM EDT #

NICE INFORMATION <a href="https://mubble.freshworks.com/oauth/authorize?client_id=41441690836303948&redirect_uri=http://bce-sby.telkomuniversity.ac.id&response_type=code&hd=mubble.freshdesk.com">URL</a> <a href="https://services.nfpa.org/Authentication/GetSSOSession.aspx?return=https://bce-sby.telkomuniversity.ac.id/">URL</a> <a href="http://nads.altervista.org/?wptouch_switch=desktop&redirect=https://bce-sby.telkomuniversity.ac.id">URL</a>

Posted by el pebri on March 25, 2024 at 03:44 AM EDT #

Post a Comment:
  • HTML Syntax: NOT allowed

« Bloglines Web Servic... | Main | New box arrives, old... »

Welcome

This is just one entry in the weblog Blogging Roller. You may want to visit the main page of the weblog

Related entries

Below are the most recent entries in the category Roller, some may be related to this entry.