Elephant has changed Live Links paradigma, freeing server-side load.

Server doesn't store temporal sessions any longer

First approach to Live Links created a temporal key that was stored into server temporal-sessions file. Its purpose was, mainly, to allow mail links enter the application passing through sign-in unattendedly. Once used, the temporal key got removed from server and no longer would stay available for future uses.

Creating a new key, highly encrypted

New approach to Live Links uses a symmetric cipher algorithm to create intelligent keys. Those keys own application process-based information along with Elephant self-required fields.

New Live Links can be used multiple times before expire, can be part of mailing systems, web active links and RSS feeds. Live Links can also be AJAX based, allowing to sign-in and get content in a single step.

Preparada ja l'actualització de tots els Cloud Turro.Org amb la nova implementació de Persona. El projecte ja és als repositoris de codi de la Fundació TiC i compartit amb Mozilla.Org, un cop assolida la fase estable.

Què és i com funciona?

Persona és un sistema de Signatura Única (SSO) basat exclusivament amb l'email. Les sessions obertes amb Persona perduren segons les preferències del usuari, podent allargar-se infinitament en l'ordinador propi o ser de sessió única, acabant en tancar el navegador.

És fàcil i ràpid començar. En qüestió d'uns minuts, un usuari pot crear el seu compte i validar-lo, sense donar cap altre dada que el seu email.

És segur. Persona connecta usant el protocol HTTPS tant per conversar amb l'usuari com per validar les assercions.

Per entrar a les sessions de treball BrightSide usant Persona només cal prémer la nova opció Entrar usant Persona. Poc més a dir. La interfície és tan senzilla i potent que tot és percep en un instant.

Ara, amb Persona, encara més fàcil.

OpenID has been the SSO universally accepted in social networks, once accepted that not everyone using it kwew what was this all about. Persona, formerly BrowserId, irrupted in SSO world with force, simplicity and open sourced. The ingredients seem perfect to atract developer interes.

Sign once, be recognized ever

That's what we expect from an SSO, not being asked every time for our nick name and password. The fact that security is one of the main factors when we sign into a system, may not be so atractive to the final user, but it is to developers. SSO systems are secured with SSL and this is a must have requirement for web based aplications.

BrightSide implementation of Persona

BrightSide allows and recomends using Persona to sign into the system. Major benefits:

• Sign without password, but with your email. Persona takes care of asking, whether necessary, the Persona password.
• Verify your identity using your own email.
• Long term sessions.
• Sign in and out of web sites separately. Persona remembers where the session was audited.
• Sign up in less than one minute, manage your account in Persona's site.
• Single account, multiple web sites.

How it works

Persona site already has multiple examples on different languages. Anyway, I'll publish the source code with the main changes I made to achieve the implementation. I'll also try to provide an easy explanation on how the system works and which security risks you may avoid on your system.

Learn more about Persona at https://login.persona.org.

BrightSide adds a new web interface for the whole set of entities, but... what do we call web interface?

Following the plugin pattern to entities

For a long time, BrightSide has added features to entities by using a one-for-all pattern. Thus, attachments apply to dossiers, issues, contracts, documents, sale actions, resources and so on. Same applies for acceptances, tags, calendar events...

Now, a web interface appears as an out-of-the-box feature for all entities. Well, a web interface, what do we call web interface?

• Description, multiple descriptions. Easy to edit, no HTML acknowledge required.
• Comments, moderated.
• Stars, gathering interest from readers. Single user or IP tracking.
• Votes, positive, negative or none. Contact vote tracking.

BrightSide gets a new language module, isolating the resources treatment. With the new Elephant Locale project, will be easier to mantain locale resources from external sources, as well as indicating which languages should appear as available to final users. The goal of this project is to incorporate collaborations in locale maintenance, making easy the way new languages get their way into the whole set of modules.

Turro.Org will also stop giving direct support for Castilian (Spanish). Provisionally and in order to allow fresh versions of Castilian, French and German, collaborators will be able to edit these resources from Turro.Org. Soon we'll come with instructions on how to collaborate with the project.

Catalan and English will continue to be directly supported.