TYPO3 Forge - Behind the Scenes: One User, One Password

By: Sebastian Kurfuerst

Now, I'm going to show you some convenient features for project admins and members which are related to single-signon! Some months ago, a TYPO3 developer needed about five accounts - we want to change that!

About two years ago, bugs.typo3.org was first connected to typo3.org with single-signon. When forge came into being, it was only natural to follow this path, thus Robert has written a custom SSO connector right in the beginning of customizing the platform.

That's all neat and shiny, but we still had another problem:

For our new subversion server at svn.typo3.org (it's the same physical server as forge), people still needed another username and password.

After a bit of research, we discovered an apache module called mod_auth_external allowing to authenticate against a custom script. That was already a huge step into the right direction, and after the custom script was written, people can now log in at subversion with their typo3.org frontend user account.

That was the status at which we went online.

If you know Subversion, you know that we still have to configure groups and a user-group mapping for fine-grained access rights - this is done in the file conf/authz. Needless to say it would be really uncool if somebody had to edit this file by hand!

I wrote a custom redmine plugin which solves all this:

• There is a new permission called "SVN Write"
• We can set this permission for each role
• If a user is added to a project, he instantly gets SVN access for the project!

I hope this feature (which is online since today) encourages the adoption of forge.typo3.org as a platform for extension development or bigger projects!

Please tell me what you think, either as a comment here or by writing an email to me

Greets,
Sebastian

---