Some readers might want to start reading this book with this chapter as it looks like an introduction into using Redmine. But, I believe, it's not an introductory chapter. Usually, you first get used to the place and then unpack your boxes. Unpacking your boxes and making Redmine your "home" application is what, actually, this chapter is about.
This is the first time we speak about Redmine from a user's perspective:
These are only some of the questions that will be answered in this chapter.
While the previous chapter was intended mainly for project managers and administrators, this one is intended for all users. For project managers and site owners, this chapter also gives an idea of what users need in order to have a better experience with Redmine.
In this chapter we will cover the following topics:
The fact that we review the account creation process in this chapter seems pretty confusing. After all, the majority of readers, I believe, have already created accounts or own the default one, which is "admin" (I want to believe, that the former "admin"). However, under this topic we will review not the ordinary registration, but account creation, which does not actually involve filling in any registration form. So this topic is not intended for new comers, instead it will be of interest for site owners and administrators.
In case you did not know, many users try to avoid registering on every new site. There are many reasons for this:
But, Redmine can make account creation easier and liberate from the need to remember a new password. It supports at least two technologies for this—OpenID and LDAP.
OpenID is an open standard for authentication, which involves the OpenID identity provider as an authentication server. Thus, users do not store the password on the Redmine server. Instead OpenID users get redirected to the OpenID provider, where they authenticate and get returned back authenticated if successful.
The great thing is that the OpenID provider can be any Internet host and this protocol is supported by industry giants such as Google and Yahoo, which means that you can authorize using, for example, your Google account in Redmine. The drawback of this authentication solution is that you need to specify the URL of the OpenID provider.
Google OpenID URL is https://www.google.com/accounts/o8/id.
After putting the URL into the OpenID URL field the user clicks on the Login button and gets redirected to the OpenID provider. Then the provider usually asks for credentials of the user in the provider's system. After users login, or if users are already logged in, the provider asks to confirm that they really want to grant Redmine access to their profile. In the following screenshot, check how Google does this:
In particular, to create the user's profile, Redmine will need the full name and e-mail address. Redmine won't ask for or store the password and won't be provided with the password! The newly created user will have the same username the user has in the OpenID provider's system.
Depending on Redmine settings after successful authorization on the OpenID provider you will be:
At the time of writing this topic, the native Redmine OpenID support does not work, at least for Google, so you may need the OpenID Fix plugin available at http://projects.andriylesyuk.com/projects/openid-fix.
The fact that any host can be an OpenID provider, of course, can become the reason for not using OpenID (or for using it along with manual or e-mail account activation). For example, if you use Redmine as a corporate project management application. But don't be in a hurry to get upset!
Do not require users to enter OpenID URL
Entering and remembering or copying and pasting the OpenID URL each time the user logs in whittles down the benefits of this authentication method. Luckily Jorge Barata Gonzalez created the plugin, which allows you to pick up the URL from the "selector" containing the most popular OpenID providers, including but not limited to Google, Yahoo, AOL, LiveJournal, WordPress, and so on. See the following Github page for more information:
LDAP is the open protocol for accessing active directory services. Such services are commonly used for storing usernames and passwords and, therefore, LDAP, as a protocol is used for authentication. Most known directory services servers are OpenLDAP and Microsoft Active Directory and, yes, using LDAP you can connect Redmine to the Microsoft AD domain.
Unlike OpenID, to support a directory server, administrators must manually add the server into Redmine using Administration | LDAP authentication | New authentication mode. Moreover, Redmine allows you to add many LDAP servers, each of which will be tried when a new user logs in. If the On-the-fly user creation option is checked for the server, Redmine will create the account for the user on the first login but will still use the password stored on the server.
The login process for LDAP users (unlike OpenID) does not differ from the login process of local users.