The Opportunity - We are hoping to form a long-term working relationship with a knowledgeable programmer who has excellent communication skills and can produce high quality work. This project is just the starting point for a whole host of other development and administration activities. Preference will be given to candidates who demonstrate a willingness and ability to work with us long-term to achieve our goals. The Project - The project is development of a centralized user management and single sign-on ("SSO") system. This system will handle signup of new users, automatic propagation of that signup to other web applications, one-click sign on for a logged in user to any of the applications, as well as password change and account deletion which must also be propagated. A key feature of the system is that we will be able to integrate new applications by the addition of a single code helper and a one-time import script to add existing users to the new application. Specific Expertise - Candidates must demonstrate an in-depth knowledge of PHP + Mysql, and experience with linux systems and command line operation is preferred. Weekly Reporting - You will be required to submit a status report every Friday, and must include a snapshot of the code with each report. Code will be reviewed for quality on an ongoing basis. The details - Please download the attached PDF that explains each of the requirements in depth. The winning candidate will be asked to sign an NDA before work begins on the project.
1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.
2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):
a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.
b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
* * *This broadcast message was sent to all bidders on Thursday Sep 20, 2007 3:55:58 PM:
PLEASE READ THESE IMPORTANT CLARIFICATIONS REGARDING THE SSO PROJECT!
I've received a number of good bids for this project, and a number that have potential but are missing some key points.
1. This project does NOT involve creating any email system or domain management application. We have those - they are done. You will be automating account actions for those tools through DB/SSH/and HTTP based APIs.
2. This project is about INTERFACING with existing systems, not "integrating" them by modifying them. We will NOT be modifying the existing apps to fit with the SSO system. Many people have sent me details of a solution that include "Application 'B' will check the session ID against the central server..." NO! The applications know nothing about the central server. Period. You will be automating the login step to these applications through use of a hidden HTML form. Where there'd normally be a link, instead there will be a hidden form with the credentials needed to login automatically.
3. Yes, in a perfect world we would modify the apps to talk to our central server (maybe as SASL based authentication procedure), but the reality is that we don't have all the apps yet, we need them up fast when we get them, they may change, and we may not have access to source code in order to modify them. The desired design is one which is tolerant of these limitations. We want to drop in any new app, write the few required helper functions to interface with the app's user database (via DB calls, SSH, or HTTP as appropriate), and have it up and working with a minimum of fuss.
4. The email system in question is a good example of these limitations. Accounts in the email system correspond to accounts on a linux server. We are not over-hauling the IMAP servers to support some new authentication scheme, we are creating a helper that will add/delete/change passwords on those acounts via SSH. Auto-signon will happen via a hidden HTML form.
I'm trying to make it clear that the requirements described in the PDF *ARE* the requirements of the project. Please read them, understand them, and send me questions that prove you know what we're trying to accomplish and why. A few of you *do* seem to get it - please pick up the discussion and close this deal, I'm sure the right coder will make himself known to me very soon.
The system is to be implemented in PHP/Mysql 5 with the use of a lightweight framework to provide DB abstraction, and strict Controller/View separation. Code Igniter ([url removed, login to view]) is preferred, but other similar frameworks may be considered if they can compete on features, speed, and maintainability. All output from the system will be skinned for integration into our overall site design by one of our web designers, so your job is functionality only.