On 10/5/05, Allen Gilliland <[EMAIL PROTECTED]> wrote: > > Elias Torres wrote: > > >Hi everyone, > > > >I want to introduce yet another subject of things we see definitely > >being needed in Roller for it to be more suited for internal corporate > >blogging. > > > >- I have a patch ready (very simple) that allows the site > >administrator through roller.properties specify which URLs users can > >send trackbacks to. It'd be dump to send a trackback to an external > >blog because people won't be access that post because it's on the > >intranet. I've added a small check in the sendTrackback method in > >WeblogEntryAction so it displays a nice error message when the URL is > >not allowed. This should not affect anyone else. > > > > > sounds good to me. > > >- Along the same lines as trackbacks, I need to check the pings we are > >currently sending to blo.gs or weblogs.com and make sure they are > >disabled or a mechanism similar like the ones for trackbacks is > >developed. > > > > > yep. i think it would be nice if a lot of this stuff was easily toggled > on/off via a property like "roller.mode=intranet".
good idea > > >- We disabled anonymous comments in the intranet. I will need to add > >this feature to Roller as well, of course like anything else, it > >should be optional. Wordpress implements this, so I don't think should > >raise any objections from the team. > > > > > that sounds like a good one too. i think this one is reasonably big > enough that we should see a design proposal for it though. the main > issue being how to properly set things up to do the authentication for > comments. I agree. I'll try to get one started, if I can figure out my login for the wiki. :-) > > >- We'll write a PagePlugin that rewrites URLs in entries to go through > >some global redirector (which we might add to Roller as well) so > >anchors in entry URLs are not leaked to the web. Again, if anyone > >wants to use Roller on the intranet, I think this is important. > > > > > i'm not sure i fully understand this one. can you explain it more. Right now when people visit my external blog from IBM's internal server, I can see in my apache logs the entry anchor from the referrer. This can leak information such as "we_re_buying_chococalate_company_x". Do you know what I mean? > > >- AutoRegistration. In Blog Central I made it so that for any user > >that's authenticated by LDAP server if the UserManager did not find > >the user, I would just create a blog for them. Instead I might follow > >the Sun model to have a separate registration page where the password > >is not required because we have our own auth methods. > > > > > i think there are actually 2 action items here. (1) provide a good SSO > structure so that a roller admin could easily define what happens when a > user transfers from another application into roller and (2) provide a > good way for roller to be remotely administrated, possibly via secure > web services. by remotely administrated i mean ... register users, > create weblogs, reset account info, etc. we do this stuff at Sun right > now, but we've just hacked a backdoor for roller and really this should > be flushed out into a full feature. ahhh... a nice remote interface would be awesome. so much to do, so little time. > > >I can't think of any others right now of the top of my head, but as > >they come I'll send them. > > > > > they all sound pretty good to me. > > -- Allen > > >Regards, > > > >Elias > > > > >
