Re: MultiAuth (MySQLAuth) - what happens to the account when the username is remove

Thread: Re: MultiAuth (MySQLAuth) - what happens to the account when the username is remove

Search this list only Search all lists
Re: MultiAuth (MySQLAuth) - what happens to the account when the username is remove
	2007-01-23 14:53:04
Hi , I wouldn't do that, my suggestion is you avoid making the authent process complex like this. (not because it won't work, but because getting a complex authent process will lead to odd problems that will be hard to figure out, and generally make your email system less stable/reliable) Anyway, ignoring my advice for a second, it can almost work, however, there is a combination of features you want that it can't support. It can't both work when the user renames an account and when accounts are deleted on the community site they are automatically deleted in surgemail. Either you make it create duplicate accounts in nwauth (using the move_from/move_to features of multiauth) Or you make it always check the account in mysqlauth. My feeling is you want it to work such that the account is duplicated to nwauth, so then if you ever want to remove the mysql/multiauth stuff your nwauth database is still complete for all current users. So basically the mysqlauth lookup is used only as a second 'read only' lookup to see if the user is permitted. In this mode password changes in surgemail would not affect the community account, but I think that's a relatively minor cost to pay for making the system more reliable. ChrisP Dale wrote on Tuesday, January 23, 2007 at 1:09 p.m. (-0600): >Hi, > >Looking to give another go using MultiAuth for a couple of domains >(unless there are other suggestions on how to accomplish my goals). > >I am running a community software product for one of my sites. I want to >allow certain level users to get a free email account. My thoughts are I >can either: > >Have SurgeMail check directly against the members DB of the community >site, this should allow for the user to change their password in the >community site and have that change reflected for their email account as >well. This should also allow for me to delete the account on the >community site and have it deleted automatically on SurgeMail (I hope). > >The other option would be to run a process that looks for certain level >users in the community DB, then using Tellmail create the account in SM. >The downsides of this are password synchronization and account deletion. > >The community site allows for people to change their username, so >additionally, one of my questions is when would happen if the user >initially creates "johndoe" as their username, then changes it to >"jdoe". If they then try to log into the email as "johndoe" will SM >check against the mysql db, and see the account no longer exists? Or >will it have copied the login info to its own DB and let the user keep >using the old and new accounts? > >Also, when switching from NWAuth to MultiAuth, I hope, assume I don't >need to do anything with the domains that will continue to use NWAuth - >right? (this is on a live, active server). > >Thanks > >Dale > >