Friday, September 14, 2007

LDAP Integration

Looking for a good method to view local users via LDAP search, as well as cache user information into the local data store for quick information retrieval. Any takers?

I assume I could just inherit the django user modules into a new module and populate the user data and hijack authentification requests. Would it be evil of me to cache the passwords in the local user interface just in case the LDAP server is down? I think not....

Whats this program all about?

I'm hoping to make fizbiz (FB) into a simple and easy to use system for sharing files via a web browser. Authorized user accounts can use FB to generate file request tokens called FIZ.

Each FIZ is a short unique identifier which can be used as a file upload token. For example, an FB server should have an easy to remember domain name like http://fb.company.com/. To access FIZ ID PR5347D the url you would hand somebody you wanted to get or send a file to would be http://fb.company.com/PR5347D.

Each FIZ is highly configurable and allows for the following options
  • Upload expiry (for limiting uploads to a slim amount of time)
  • Files expiry (defaults to the upload expiry until changed)
  • Multiple files support
  • Upload file(s)
    • WebDAV Server Integration
  • File size limitations
  • Upload and retrieve notifications for all FIZ participants
    • RSS
    • SMS
    • Instant Messages
    • E-Mail
  • Server based GPG Encryption
    • Recipients can add their own key which is moderated by the owner
    • Owner can select from list of existing keys
    • Preexisting keys can be related to recipient notification database
  • Set a simple password
  • Require captcha verification
  • Require registered local user
  • Require registered recipient
    • Simple registration interface
    • Recipients can be upgraded to local users through the administration interface.
  • Newly registration recipient expiry
Administrators of an FB site have control over which options are configurable and what value ranges are acceptable.

To share a set of files with multiple people just share the FIZ URL, if the data is not sensitive a FIZ URL should be quite secure for simple file sharing, especially if it has a short expiration time.

FB is ideal in situations where it is important to be notified file is downloaded. By requiring a recipient to be registered before downloading a file referenced by a FIZ you can track who downloaded the file by registration ID.

In short, I'm not reinventing any wheels here. Initially I wanted a system like FB so that I could instruct my local mail server to reject messages over a few megs, then email the recipient with a request to issue a FIZ to the sender.