BrowserID plugin should check for firewall issues before getting enabled

Bug #1015912 reported by François Marier
Affects: Mahara
Status: Fix Released
Importance: Medium
Assigned to: Son Nguyen

Bug Description

If your server is set to prevent outgoing HTTPS connections, the BrowserID plugin will fail to verify any assertion with this error message:

  Mahara did not receive valid JSON output from the BrowserID verifier.

Ideally, the auth plugin should curl https://verifier.login.persona.org/verify and see if it can reach it successfully before letting admins enable it for a site.

Tags: browserid
Hugh Davenport (hugh-davenport) wrote :

Hi Francois,

I would be of the opinion that this isn't desired behaviour. A better solution IMHO would be to display a message to the admin saying that it requires that. The problem with disabling it because of that is that if there are network problems (as there were with the case the other day), then the user won't be able to enable it if there are momentary network problems.

Thoughts?

Cheers,

Hugh

Changed in mahara:
status: New → Opinion
importance: Undecided → Medium
François Marier (fmarier) wrote :

A message to the admin would be a good idea especially if there was no firewall when the plugin was enabled and one got added later.

Note that my suggestion was about preventing admins from enabling a plugin that won't work (which I think has value from a usability standpoint), not disabling a previously enabled plugin.

Hugh Davenport (hugh-davenport) wrote :

Righto, I get you now. Here is what I would suggest for this bug.

- When first allowing the admin to enable a plugin, check whether access is permitted. This could also be done for other SSO type plugins (though most after configuration).
- When an error occurs for the user, send the admin a notification.

This won't be just limited to browserid, but just general auth relying on 3rd parties.

Cheers,

Hugh

François Marier (fmarier) wrote :

You're right, it could be a general function (part of the auth plugin base class) that any auth plugin could implement. The "is_plugin_usable" function in the base class would just return true but in the browserid plugin, it would do that check first.
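
The base-class/override split described above, as an added example that is not part of the thread and not Mahara's code. The class names, the `classify` helper and the dummy `assertion`/`audience` values are hypothetical; the probe keeps TLS verification on and separates "cannot connect" from "connected but no JSON", the case behind the error message in the bug description.

```php
<?php
// Added example; all class and method names here are hypothetical.
abstract class ExampleAuthPlugin {
    // Default for plugins with no third-party dependency.
    public static function is_plugin_usable(): array {
        return ['usable' => true, 'reason' => null];
    }
}

class ExampleBrowserIdAuth extends ExampleAuthPlugin {
    const VERIFIER_URL = 'https://verifier.login.persona.org/verify';

    // Turn a raw probe result into a decision (kept separate so it runs offline).
    public static function classify(int $errno, int $httpCode, $body): array {
        if ($errno !== 0) {
            return ['usable' => false, 'reason' => "connection failed (curl errno $errno)"];
        }
        if (!is_string($body) || !is_array(json_decode($body, true))) {
            return ['usable' => false, 'reason' => "HTTP $httpCode without a JSON body"];
        }
        // Assumption: any JSON object, even a rejection of the dummy assertion, proves reachability.
        return ['usable' => true, 'reason' => null];
    }

    public static function is_plugin_usable(): array {
        if (!function_exists('curl_init')) {
            return ['usable' => false, 'reason' => 'PHP curl extension missing'];
        }
        $ch = curl_init(self::VERIFIER_URL);
        curl_setopt_array($ch, [
            CURLOPT_POST           => true,
            CURLOPT_POSTFIELDS     => http_build_query(['assertion' => 'probe', 'audience' => 'https://example.invalid']),
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_CONNECTTIMEOUT => 5,     // fail fast when a firewall drops packets
            CURLOPT_TIMEOUT        => 10,
            CURLOPT_SSL_VERIFYPEER => true,  // never relax TLS checks for a probe
            CURLOPT_SSL_VERIFYHOST => 2,
            CURLOPT_FOLLOWLOCATION => false, // a redirect is not the verifier answering
        ]);
        $body = curl_exec($ch);
        return self::classify(curl_errno($ch), (int) curl_getinfo($ch, CURLINFO_HTTP_CODE), $body);
    }
}

// Constructed probe results: a timeout, an HTML page from a proxy, a JSON reply.
foreach ([[28, 0, false], [0, 200, '<html>proxy</html>'], [0, 200, '{"status":"failure"}']] as $r) {
    $c = ExampleBrowserIdAuth::classify(...$r);
    echo $c['usable'] ? "usable\n" : "not usable: {$c['reason']}\n";
}
```

A failed probe only describes reachability at the moment of the check, so the `reason` string is meant to be shown to the admin along with the refusal.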

François Marier (fmarier) wrote :

(This bug should probably be marked as "triaged" or confirmed so that it's not lost.)

Hugh Davenport (hugh-davenport) wrote :

forgot to change status :P

Changed in mahara:
status: Opinion → Confirmed
Changed in mahara:
milestone: none → 1.6.0
description: updated
Son Nguyen (ngson2000)
Changed in mahara:
assignee: nobody → Son Nguyen (ngson2000)
status: Confirmed → In Progress
Son Nguyen (ngson2000) wrote :

Hi Hugh;

About your second idea "When an error occurs for the user, send the admin a notification".
Do you mean when a user tries to log in via BrowserID, this error can happen, then a notification will be sent to the site admin?
If yes, I am afraid that the admin will receive a huge number of notifications, as every time a user fails to log in via BrowserID, the admin will get a notification.

Son Nguyen (ngson2000) wrote :
Mahara Bot (dev-mahara) wrote : A change has been merged

Reviewed: https://reviews.mahara.org/1444
Committed: http://gitorious.org/mahara/mahara/commit/2fdc762f7eb9d63f73900a54aebb4797f9f5c41d
Submitter: Hugh Davenport (<email address hidden>)
Branch: master

commit 2fdc762f7eb9d63f73900a54aebb4797f9f5c41d
Author: Son Nguyen <email address hidden>
Date: Tue Aug 14 10:40:23 2012 +1200

    Check the BrowserID connection before enable it (bug #1015912)

    When adding BrowserID authentication plugin to an institution, disable
    it if the connection between site and BrowserID verifier
    (verifier.login.persona.org) is not available

    Change-Id: Ief447652bfc2e018ca175d277d6dd9fdb93ceb63
    Signed-off-by: Son Nguyen <email address hidden>

Hugh Davenport (hugh-davenport) wrote :
Changed in mahara:
status: In Progress → Fix Committed
Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/1508
Committed: http://gitorious.org/mahara/mahara/commit/662213b4dae54a3adcbfbfe1f090702bd76be882
Submitter: Hugh Davenport (<email address hidden>)
Branch: 1.6_STABLE

commit 662213b4dae54a3adcbfbfe1f090702bd76be882
Author: Son Nguyen <email address hidden>
Date: Tue Aug 14 10:40:23 2012 +1200

    Check the BrowserID connection before enable it (bug #1015912)

    When adding BrowserID authentication plugin to an institution, disable
    it if the connection between site and BrowserID verifier
    (verifier.login.persona.org) is not available

    Change-Id: Ief447652bfc2e018ca175d277d6dd9fdb93ceb63
    Signed-off-by: Son Nguyen <email address hidden>

Hugh Davenport (hugh-davenport) wrote :

 status fixreleased

Changed in mahara:
status: Fix Committed → Fix Released