2 Jul
2008
2 Jul
'08
2:01 p.m.
Markus Lanthaler wrote:
...
* How should the issued OpenID URLs look like?
http://www.xwiki.org/xwiki/bin/view/XWiki/UserName seems to be to long for
me. Something like http://www.xwiki.org/user/UserName would be much better
in my opinion. What do you think? Would that be possible with the existing
architecture?
Yes. We can simply map these url to openid servlet in web.xml, I think.
Also I think we can provide openid account per virtual xwiki for it's
owner. So for example wiki owners at myxwiki.org will get openid
accounts like servername.myxwiki.org
(And I want openid account amelentev.myxwiki.org :))
* What about user recycling, i.e. if a user (Alice)
deletes his account and
another one (Bob) creates an account with the same user name afterwards what
should happen? Bob would be able to log-in to all sites on which Alice used
her XWiki account. Yahoo for example solves this by appending a fragment
like #fk32j to each OpenID. So the OpenID URL
http://www.xwiki.org/user/UserName would become
http://www.xwiki.org/user/UserName#fragment
-1
It dirties a clean openid url. And I don't want to memorize this
fragment. :)
Maybe there is some other way to resolve this problem? I think it is.
For example store some key in openid account and openid consumers also
check this key when signin. When openid account recreated, key is
changed. Maybe there is something similar in openid standard?
--
Artem Melentyev / http://marting.myopenid.com/