To elaborate this issue a little more. When a user makes a comment to a blog, he provides his name. We need to find a way to validate this person is really who he claims to be. I have browsed the web on this issue and found some interesting links. But it appears some links are 2 years old... http://www.google.com/search?hl=en&lr=&q=Roller+comment+Authenticator
It seems that I can provide a custom class to authenticate the comment via comment.authenticator.classname property. Is this feature working in 3.0? We have put ClearTrust (WPM) in front of Roller. WPM seems to provide an environment variable HTTP_CT_REMOTE_USER, which is the registered user id. If in the custom class, I can compare or append the user id to the commenter's name (if I requires users to provide his user id in the name field), then I can authenticate who is making the comment. Will this work? Is there more documentation how to write the commentAuthenticator class? Thanks, Steve -----Original Message----- From: Lihn, Steve Sent: Wednesday, December 13, 2006 4:42 PM To: [email protected] Subject: Is it possible to authenticate the commenters Hi, We are encountering an enterprise issue with the commenters being anonymous. Is it possible to authenticate the commenters, say via LDAP, in order for that person to write comments? I know this is stretching Roller very far. Any help is appreciated. Steve Lihn ------------------------------------------------------------------------ ------ Notice: This e-mail message, together with any attachments, contains information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station, New Jersey, USA 08889), and/or its affiliates (which may be known outside the United States as Merck Frosst, Merck Sharp & Dohme or MSD and in Japan, as Banyu - direct contact information for affiliates is available at http://www.merck.com/contact/contacts.html) that may be confidential, proprietary copyrighted and/or legally privileged. It is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please notify us immediately by reply e-mail and then delete it from your system. ------------------------------------------------------------------------ ------ ------------------------------------------------------------------------ ------ Notice: This e-mail message, together with any attachments, contains information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station, New Jersey, USA 08889), and/or its affiliates (which may be known outside the United States as Merck Frosst, Merck Sharp & Dohme or MSD and in Japan, as Banyu - direct contact information for affiliates is available at http://www.merck.com/contact/contacts.html) that may be confidential, proprietary copyrighted and/or legally privileged. It is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please notify us immediately by reply e-mail and then delete it from your system. ------------------------------------------------------------------------ ------ ------------------------------------------------------------------------------ Notice: This e-mail message, together with any attachments, contains information of Merck & Co., Inc. (One Merck Drive, Whitehouse Station, New Jersey, USA 08889), and/or its affiliates (which may be known outside the United States as Merck Frosst, Merck Sharp & Dohme or MSD and in Japan, as Banyu - direct contact information for affiliates is available at http://www.merck.com/contact/contacts.html) that may be confidential, proprietary copyrighted and/or legally privileged. It is intended solely for the use of the individual or entity named on this message. If you are not the intended recipient, and have received this message in error, please notify us immediately by reply e-mail and then delete it from your system. ------------------------------------------------------------------------------
