Hacking on Ubuntu Single Sign-On

19 Jun 2011 - ubuntu webdev

As most of you, who’ve used community projects like Loco Team Portal and Summit know, we use login.launchpad.net as our open id provider. I believe the future is to use login.ubuntu.com. It is more consitent in terms of design, and is the exact same code as login.launchpad.net but with different configuration and theme.

We have bugs for both the projects to switch to login.ubuntu.com, but it isn’t really easy because login.ubuntu.com configuration is actually more stricter. We can’t login from it locally, i.e., it will not pass on my credentials back to my app if I’m running my app on 127.0.0.1. The ISD team suggested that I just run SSO locally and do my testing. After running Launchpad, what could be so hard right? Famous last words ;-)

I fetched the source of SSO and started the bootstrap as the instructions said. It failed because some of the configs were in a private branch. With much hair-pulling, head-desking, and lots of help from David and Ricardo, I finally got it running last week. One of the main problems of doing this was the configuration for SSO are not stored in the ‘django way’ of things. It’s stored as .cfg files with some configglue magic. Configglue wasn’t originally open-sourced and thus the configs were private. The other problem was my inexperience with postgres :-)

After configglue was open-sourced, the configs still sat in a private branch because nobody got around to fixing the bootstrap process, until last week. On Friday, Ricardo finally gave me the good news!. The bootstrap process is now fixed so that community members can actually run SSO without hair pulling. We can now easily work on doing the transition from login.launchpad.net to login.ubuntu.com