2009/5/16 Manfred Bergmann <bergman...@web.de>: > > Am 16.05.2009 um 13:37 schrieb Dmitrijs Ledkovs: > >> 2009/5/16 Manfred Bergmann <bergman...@web.de>: >>> >>> In my opinion the user approach has more potential. But in order to not >>> again have users need to register while they may already have an account >>> for >>> our wiki it might be good to have some kind of single-signon. Or at least >>> share user data in a database which can be used for the wiki and this >>> service. >>> Since the wiki database already exists would it be possible to access >>> this >>> database and share the users in there? >>> >>> >>> Manfred >>> >> >> What about OpenId? > > I don't know OpenId but it looks like this could be a solution. I need to > read some more about it but maybe we could use this for all our services, > including Jira. > > > Manfred >
OpenId is quite neat. I works kind of like jabber. There are many providers (blogspot, yahoo, wordpress, launchpad etc) and there are many places were websites accept OpenId (for example sourceforge, many blogs, etc) To authenticate OpenId user gives you his OpenId (URL mine for example is https://launchpad.net/~dmitrij.ledkov) The user is then redirected to his own OpenId provider where he authenticates as usual (or this step is skipped if he is already logged in) and grants permission to give some of the details to the target service. If user authenticates at his server successfully and grants permission your website gets authentication token for that user. Such that you can then use that to check that the user is real and give him per-user stuff you wanted to give him. It's very neat and indeed removes the "Urrrghh one more login". The trouble is for me personally it came around a little too late =D I have like 5 OpenId's I just use one of them for all my OpenId needs. From wikipedia: OpenID is an open, decentralized standard for user authentication and access control, allowing users to log onto many services with the same digital identity. As such, it replaces the common login process that uses a login-name and a password, by allowing a user to log in once and gain access to the resources of multiple software systems.[1] An OpenID is in the form of a unique URL, and is authenticated by the user's 'OpenID provider' (that is, the entity hosting their OpenID URL).[1] The OpenID protocol does not rely on a central authority to authenticate a user's identity. Since neither the OpenID protocol nor Web sites requiring identification may mandate a specific type of authentication, non-standard forms of authentication can be used, such as smart cards, biometrics, or ordinary passwords. OpenID authentication is used and provided by several large websites. Organizations like AOL, BBC,[2] Google,[3] IBM, Microsoft,[4] MySpace, Orange, PayPal, VeriSign, Yandex, Ustream and Yahoo! act as providers.[5][6][7][1] In mid-January 2008, Yahoo! announced initial OpenID 2.0 support, both as a provider and as a relying party, releasing the provider service by the end of the month.[30] In early February, Google, IBM, Microsoft, VeriSign, and Yahoo! joined the OpenID Foundation as corporate board members.[31] Around early May, SourceForge, Inc. introduced OpenID provider and relying party support to leading open source software development website SourceForge.net.[32] In late July, popular social network service MySpace announced support for OpenID as a provider.[33] In late October, Google launched support as an OpenID provider, and Microsoft announced that Windows Live ID would support OpenID.[34] In November, JanRain announced a free hosted service, RPX Basic, that allows websites to begin accepting OpenIDs for registration and login without having to install, integrate, and configure the OpenID open source libraries.[35] -- With best regards Dmitrijs Ledkovs (for short Dima), Ледков Дмитрий Юрьевич _______________________________________________ sword-devel mailing list: sword-devel@crosswire.org http://www.crosswire.org/mailman/listinfo/sword-devel Instructions to unsubscribe/change your settings at above page
