Replace Persona with an alternative login solution on blog.mozillabd.org

RESOLVED FIXED

Status

Websites
Other
RESOLVED FIXED
2 years ago
a year ago

People

(Reporter: gene, Unassigned)

Tracking

Details

(Reporter)

Description

2 years ago
Persona will be decommissioned by the end of 2016, and I'm trying to ensure that all the work we need to do between now and then is captured under the following meta-bug:

  https://bugzilla.mozilla.org/show_bug.cgi?id=1197381

I couldn't find an existing bug for migrating Mozilla Bangladesh Blog away from Persona, so I'm creating one.  If there is an existing bug, please link it under the above meta-bug and close this one out.

Here is a page with more information on migrating away from Persona, which we'll continue to maintain and update over the year as various Mozilla properties make the move:

 https://mana.mozilla.org/wiki/display/Identity/Persona+migration+guide+for+internal+sites
(Reporter)

Comment 1

2 years ago
:nukeador, should this request also go to pierros (like https://bugzilla.mozilla.org/show_bug.cgi?id=1273038#c2 )?

Hi, I'm part of the Mozilla Enterprise Information Security team (previously called Opsec) and the previous devops engineer for Persona. In advance of the shutdown of Persona on November 30th[1], I was hoping to both find out what was planned, in regards to authentication, as well as offer up assistance and alternatives if needed.

Firstly, I'm hoping to communicate with either the developer/development team capable of modifying the authentication code for the site or the manager responsible for the site. If I've made this request to the wrong person, please let me know, and feel free to ignore the questions below. If you happen to know who the right person is and can share that with me even better.

If you'd prefer to just have a short discussion over Vidyo instead of writing a response, that's totally fine, either say so and I'll set it up or send a calendar invite to me to chat.

* Has an alternative authentication solution been selected for the site, if so what is the new planned auth solution?
* Is there a timetable and resources to complete the development of the change before November 30th?
* Would you like any help in coming up with an alternate auth solution? We have reference architectures for a handful of frameworks. If so, either schedule a Vidyo call with me or I will schedule one with you.
* How would you characterize your site's userbase? Do users that login currently consist only of people with Mozilla LDAP accounts? Do Mozilla contributors/community also currently log into the site? Does the general public log into the site?
* Since your currently using Persona for auth I'm assuming that your site doesn't have access to metadata about users stored in LDAP (e.g. first and last name) or access to LDAP group information of users (e.g. what Mozilla team they're in). Would your site benefit from this type of information if it were available in the new auth solution?
* Does your site accept other login methods beyond Persona currently (e.g. github, mozillians, google+) and if so which ones?
* Do you currently take advantage of the branding capabilities[2] of Persona which allow you to put your site's logo or site name in the Persona login popup? Do you have requirements for your replacement auth solution related to branding? A specific example around branding is the fact that the Firefox Accounts auth solution has "Firefox" branding associated with the login process which may or may not be acceptable to you for your site.


[1]: https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers
[2]: http://identity.mozilla.com/post/27122712140/new-feature-adding-your-websites-name-and-logo
Flags: needinfo?(pierros)
Flags: needinfo?(nukeador)
(Reporter)

Updated

2 years ago
Blocks: 1197381
No longer depends on: 1197381
(In reply to Gene Wood [:gene] from comment #1)
> :nukeador, should this request also go to pierros (like
> https://bugzilla.mozilla.org/show_bug.cgi?id=1273038#c2 )?

Well, in this case we don't maintain community sites.

Adding Tom who has visibility on who's the technical contact for mozillabd.org

Cheers.
Flags: needinfo?(tom)
Flags: needinfo?(pierros)
Flags: needinfo?(nukeador)

Comment 3

2 years ago
Looking into the ownership of this.
I don't currently know, but we'll investigate it.
Flags: needinfo?(tom)
Hi Tom, any update on the status of this as we enter the final month until Persona EOL?
Flags: needinfo?(tom)
I received this update out-of-band:

"""
Mozilla Community Web Services is taking care of this issue. Currently, Yousef Alam is acting on behalf of MCWS. In this capacity he is clarifying if MozillaBD will move to Google Login.
"""

So I'm switching the ni? here to Yousef for confirmation/status on the update to Google Login.
Flags: needinfo?(tom) → needinfo?(yousef)

Comment 6

a year ago
We've determined that for now, please talk to mahayalamkhan@gmail.com about any requirements from Mozilla for Bangladesh community properties.

We do not have a defined ownership of their community yet, but MAK has been working on technical stuff there.
CCing him.
Group: websites-security

Comment 7

a year ago
Apologies, I restricted the wrong bug... could somebody with access remove remove the restriction please?
Group: websites-security
We've contacted MAK a couple of days ago but not heard a response back.

We (Tom and myself) also don't have access to this instance so there's not much we can do here.
Flags: needinfo?(yousef)

Comment 9

a year ago
We've revoked Persona from our mozillabd.org site; we sent emails to all to change their passwords, also posted in community channels and groups. Sorry for responding lately.
OK great, thanks for the update!  I will go ahead and close out this bug.
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.