Elias Torres wrote:
Hi everyone,
I want to introduce yet another subject of things we see definitely
being needed in Roller for it to be more suited for internal corporate
blogging.
- I have a patch ready (very simple) that allows the site
administrator through roller.properties specify which URLs users can
send trackbacks to. It'd be dump to send a trackback to an external
blog because people won't be access that post because it's on the
intranet. I've added a small check in the sendTrackback method in
WeblogEntryAction so it displays a nice error message when the URL is
not allowed. This should not affect anyone else.
sounds good to me.
- Along the same lines as trackbacks, I need to check the pings we are
currently sending to blo.gs or weblogs.com and make sure they are
disabled or a mechanism similar like the ones for trackbacks is
developed.
yep. i think it would be nice if a lot of this stuff was easily toggled
on/off via a property like "roller.mode=intranet".
- We disabled anonymous comments in the intranet. I will need to add
this feature to Roller as well, of course like anything else, it
should be optional. Wordpress implements this, so I don't think should
raise any objections from the team.
that sounds like a good one too. i think this one is reasonably big
enough that we should see a design proposal for it though. the main
issue being how to properly set things up to do the authentication for
comments.
- We'll write a PagePlugin that rewrites URLs in entries to go through
some global redirector (which we might add to Roller as well) so
anchors in entry URLs are not leaked to the web. Again, if anyone
wants to use Roller on the intranet, I think this is important.
i'm not sure i fully understand this one. can you explain it more.
- AutoRegistration. In Blog Central I made it so that for any user
that's authenticated by LDAP server if the UserManager did not find
the user, I would just create a blog for them. Instead I might follow
the Sun model to have a separate registration page where the password
is not required because we have our own auth methods.
i think there are actually 2 action items here. (1) provide a good SSO
structure so that a roller admin could easily define what happens when a
user transfers from another application into roller and (2) provide a
good way for roller to be remotely administrated, possibly via secure
web services. by remotely administrated i mean ... register users,
create weblogs, reset account info, etc. we do this stuff at Sun right
now, but we've just hacked a backdoor for roller and really this should
be flushed out into a full feature.
I can't think of any others right now of the top of my head, but as
they come I'll send them.
they all sound pretty good to me.
-- Allen
Regards,
Elias
