Bugzilla+SXIP, pending release

Andy Smith andyster at gmail.com
Wed Nov 17 22:56:52 UTC 2004

Thanks to a few modifications to the auth system in Bugzilla 2.19.1, I
have been able to rewrite the SXIP authentication support for Bugzilla
much more cleanly.

For the people who don't know what SXIP is, it is a single sign-on
platform, open source with xmlsec signed data assertions. More info at
https://sxip.org and accounts can be gotten at demohomesite.com.
Current implementations include Mailman, Drupal, Plone, PEAR::Auth,
and quite a few others are in the works.

So, I've added support to Bugzilla, demo at http://bugs.an9.org, code
at http://an9.org/data/sxip-bugzilla-0.8.tar.gz, or browse the svn at

Excerpt from the README (because writing documentation is slow):

This is a preliminary version of SXIP integration for Bugzilla.
Note: While it is possible to use the Simple MDK, it is *not* recommended
      as the Simple MDK is intended for non-secure operation only.

    Great efforts were made (per request of the development community) during
the writing of these modules to modify as little of the Bugzilla code as
possible, and to that extent it is possible to use the authentication without
changing anything except for defparams.pl, however, for the most complete
integration one will have to make modifications to a few templates, and,
unfortunately, one of the cgi scripts.
    With any luck, these modifications will become less and less necessary
as Bugzilla develops the ability to handle more and more external resources.
Until then, this is a fully functional implementation of a SXIP Membersite.

    Information about SXIP can be found at https://sxip.org, but the brief
overview is that SXIP is an protocol for exchanging identity information, in
this case being used as an authentication system.
    For Bugzilla, this means that the very first time a SXIP user arrives at
the site, he or she will be able to log in without first registering
individually with your site (a new account will be created, respecting the
account creation regex). Because one of the requestable properties in SXIP
is a verified email address, you are also allowed to log in to an already
existing account should your verified email address match the email address
of an existing user.

Install directions are included in INSTALL, installation will not
break any Bugzilla functionality, once everything has been copied
over, you still need to flip the switch in Parameters to turn it on.

This will be up on https://sxip.org soon, and will be announced there
as well, it would be great to say we have the support of the Bugzilla
community and I would love to work with you on fixing any issues that
cause chafe involved with this add-on, as well as developing further
support to ease the integration of these kinds of modules.

Comments and criticisms welcome, I'm 'termie' on the IRC channel and
I'll likely be there all the time.

- andy smith
army of coding monkeys
sxip networks
vancouver, bc

More information about the developers mailing list