30 Jun
2008
30 Jun
'08
11:45 a.m.
Hi Thomas!
Just to be sure: Does that means that it is OK to start with OpenID
integration using OpenID4Java? Or do you prefer Netmesh? As far as I know
OpenID4Java is kind of the standard library used. On the other side Netmesh
supports also LID (a similar protocol to OpenID created by Netmesh).
I would say if OpenID is turned off then users created
for OpenID or
attached to OpenId are unusable to authenticate if they don't have any
XWiki password. The default authenticator does not allows users to log
with empty passwords, this is enough to protect them I think. This
could be used when the administrator want to easily disable wiki
modifications for maintenance for example.
Well, but that's not the only consequence. If you issue OpenID URLs (so that
XWiki acts as the OpenID provider).. The users loose also access to all
other websites where they used the XWiki OpenID URL. So we have to be very
very careful about a "switch-off feature". I would suggest to enable/disable
OpenID support during setup. If someone then really wants to turn it off he
has to do that somehow manually (not through a GUI).
If we want to support only OpenID, OpenID4Java seems
the better way to
do that in the short term for you to be sure to finish your GSOC. Now
in the long term we would surely choose one of the framework available
to easily add other supports latter I think... I seen that ESOE
provide a generic Confluence / Jira Integrator but can't find any
source/description.
Yes that's clear. The thing that I don't understand is how exactly you would
see support of one of these frameworks!? Does that mean that such a
framework will be bundled and shipped with XWiki by default or that it is
just an option? The frameworks are quite complex and setting them up
properly isn't so easy as it seems at the first moment.
If it's OK
for you I would start creating the architecture and describe
detailed how I would like to implement OpenID support with a OpenID
library
the next days. Then ask for some feedback on that and finally begin to
implement this. My last exam is next Monday (July, 7th) so afterwards I'm
finally free to work exclusively for XWiki :-)
OK great.