This is very useful. However, this was a straight migration, for P2PU the concern currently is to enable OSQA and Drupal integration in the short term, and longer term to enable integration with a number of different services (potentially IRC, Big Blue Button, OSQA, a wiki, etc). <br>
<br>Going to play with your new site now! :)<br>Stian<br><br><div class="gmail_quote">On Tue, Feb 8, 2011 at 13:44, Paul Osman <span dir="ltr"><<a href="mailto:paul@mozillafoundation.org">paul@mozillafoundation.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">So we recently migrated ~12000 users from Drupal to Django for Drumbeat.org. A few things to note:<br>
<br>
1) Drupal 6.x stores passwords as unsalted MD5 hashes. This is fairly insecure (susceptible to being compromised by attackers using rainbow tables) and has been dropped by most modern authn systems. Luckily, Django used to do this too, and now the default authentication backend in Django handles unsalted MD5 hashes just fine. Basically, when Django encounters a user with an unsalted MD5 hashed password, it authenticates them and then upgrades them automatically to whatever hashing algorithm you choose to use going forward (SHA512 in our case). This means you can migrate Drupal users with a straight-up SQL script, which is what we ended up doing.<br>
<br>
2) LDAP could be used, but introduces another piece of software to the architecture of the site, which could become cumbersome.<br>
<br>
3) OpenID could be used as well, but for a variety of reasons, forcing all of your users to use OpenIDs (even if you set up an identity provider) could be difficult.<br>
<br>
I'd recommend doing the same thing we did... total migration took about 30 minutes for ~12k users with a ~30 line python script that executed raw sql against the Drupal database and used Django models to write data.<br>
<font color="#888888">
<br>
-Paul</font><div><div></div><div class="h5"><br>
<br>
On 02/08/2011 01:33 PM, zuzel.vp wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Adding a third option:<br>
<br>
1) Moving existing Drupal user accounts into LDAP. If the users are in<br>
LDAP it will be possible to authenticate using<br>
<a href="http://packages.python.org/django-auth-ldap/" target="_blank">http://packages.python.org/django-auth-ldap/</a> for Lernanta and<br>
<a href="http://drupal.org/project/ldap_integration" target="_blank">http://drupal.org/project/ldap_integration</a> for the drupal site.<br>
<br>
2) Use a custom django authentication backend in Lernanta (to<br>
authenticate against the drupal site database) during the first steps<br>
of the migration, and then move all the users from one database to the<br>
other when we stop to use the drupal site.<br>
<br>
3) Use Drupal as an OpenID Server. Drupal sites themselves can act as<br>
OpenID servers, using the openid_server module, but only drupal 4.7<br>
has support for this right now (needs to be ported to 5 and 6).<br>
<br>
Thanks,<br>
Zuzel<br>
<br>
On Tue, Feb 8, 2011 at 1:11 PM, Jessica Ledbetter<br>
<<a href="mailto:jessica@jessicaledbetter.com" target="_blank">jessica@jessicaledbetter.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Tue, Feb 8, 2011 at 1:09 PM, John Britton<<a href="mailto:public@johndbritton.com" target="_blank">public@johndbritton.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I'd really like to see us using<br>
OpenID.<br>
</blockquote>
<br>
+1<br>
_______________________________________________<br>
p2pu-dev mailing list<br>
<a href="mailto:p2pu-dev@lists.p2pu.org" target="_blank">p2pu-dev@lists.p2pu.org</a><br>
<a href="http://lists.p2pu.org/mailman/listinfo/p2pu-dev" target="_blank">http://lists.p2pu.org/mailman/listinfo/p2pu-dev</a><br>
<br>
</blockquote>
_______________________________________________<br>
p2pu-dev mailing list<br>
<a href="mailto:p2pu-dev@lists.p2pu.org" target="_blank">p2pu-dev@lists.p2pu.org</a><br>
<a href="http://lists.p2pu.org/mailman/listinfo/p2pu-dev" target="_blank">http://lists.p2pu.org/mailman/listinfo/p2pu-dev</a><br>
</blockquote>
<br>
_______________________________________________<br>
p2pu-dev mailing list<br>
<a href="mailto:p2pu-dev@lists.p2pu.org" target="_blank">p2pu-dev@lists.p2pu.org</a><br>
<a href="http://lists.p2pu.org/mailman/listinfo/p2pu-dev" target="_blank">http://lists.p2pu.org/mailman/listinfo/p2pu-dev</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br><a href="http://reganmian.net/blog">http://reganmian.net/blog</a> -- Random Stuff that Matters<br><br>