10 Jul
2008
10 Jul
'08
6:09 p.m.
Hi!
I'm currently adding OpenID authentication support to XWiki but I'm
experiencing some problems with the current architecture.
First of all the current architecture doesn't support multiple
authenticators simultaneously (at least I didn't find how). I wanted to add
OpenID as an additional (optional) authentication method as shown in my
proposal at http://dev.xwiki.org/xwiki/bin/view/Design/SingleSignOn. This is
not possible with the current design - at least not in an elegant manner.
Should I add OpenID so that it is always shown if the MyFormAuthenticator is
used? Or should I think about how we could make XWiki more flexible?
I can't implement the whole XWikiAuthService interface because OpenID
doesn't use passwords. This could cause problems. Should we change that
interface or create a new one for authentication methods that rely only on
XWikiContext?
I need a mechanism to handle the response of the OpenID provider (at a known
URL). What's the best approach for that? Using an action, a servlet, ...? I
need to parse and evaluate the response and depending on return to the login
form showing an error message or logging in the user and forwarding it to
the requested resource.
Thanks,
Markus
11 Jul
11 Jul
12:03 p.m.
Hi Markus,
On Thu, Jul 10, 2008 at 6:09 PM, Markus Lanthaler
<mark_lanthaler(a)gmx.net> wrote:
Hi!
I'm currently adding OpenID authentication support to XWiki but I'm
experiencing some problems with the current architecture.
First of all the current architecture doesn't support multiple
authenticators simultaneously (at least I didn't find how). I wanted to add
OpenID as an additional (optional) authentication method as shown in my
proposal at http://dev.xwiki.org/xwiki/bin/view/Design/SingleSignOn. This is
not possible with the current design - at least not in an elegant manner.
Should I add OpenID so that it is always shown if the MyFormAuthenticator is
used? Or should I think about how we could make XWiki more flexible?
In the context of GSOC I think adding some if in the right places will
be enough.
I can't implement the whole XWikiAuthService interface because OpenID
doesn't use passwords. This could cause problems. Should we change that
interface or create a new one for authentication methods that rely only on
XWikiContext?
Except it's not very clean, I don't see the problem with password
parameter. Do you say that you need something else or just that
password is useless ?
The authentication need a complete refactor (chained component, UI
modularity, parameters modularity, etc.) but I doubt this can be done
here. You already have lot of work do do ;)
I need a mechanism to handle the response of the OpenID provider (at a known
URL). What's the best approach for that? Using an action, a servlet, ...? I
need to parse and evaluate the response and depending on return to the login
form showing an error message or logging in the user and forwarding it to
the requested resource.
I would say servlet as it seems totally independent from XWiki
standard http process but i'm not the expert on that.
Thanks,
Markus
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs
--
Thomas Mortagne
12:22 p.m.
New subject: [xwiki-devs] [gsoc] Re: OpenID support
First of all
the current architecture doesn't support multiple
authenticators simultaneously (at least I didn't find how). I wanted to
add
OpenID as an additional (optional) authentication method as shown in my
proposal at http://dev.xwiki.org/xwiki/bin/view/Design/SingleSignOn. This
is
not possible with the current design - at least not in an elegant manner.
Should I add OpenID so that it is always shown if the MyFormAuthenticator
is
used? Or should I think about how we could make XWiki more flexible?
In the context of GSOC I think adding some if in the right places will
be enough. I can't
implement the whole XWikiAuthService interface because OpenID
doesn't use passwords. This could cause problems. Should we change that
interface or create a new one for authentication methods that rely only
on
XWikiContext?
Except it's not very clean, I don't see the problem with password
parameter. Do you say that you need something else or just that
password is useless ? The authentication need a complete refactor (chained
component, UI
modularity, parameters modularity, etc.) but I doubt this can be done
here. You already have lot of work do do ;)
I fear that's true :-)
I need a
mechanism to handle the response of the OpenID provider (at a
known
URL). What's the best approach for that? Using an action, a servlet, ...?
I
need to parse and evaluate the response and depending on return to the
login
form showing an error message or logging in the user and forwarding it to
the requested resource.
I would say servlet as it seems totally independent from XWiki
standard http process but i'm not the expert on that.
12:36 p.m.
New subject: [xwiki-devs] [gsoc] Re: OpenID support
On Fri, Jul 11, 2008 at 12:22 PM, Markus Lanthaler
<mark_lanthaler(a)gmx.net> wrote:
OK, if I understood you right that means that I should add it to
MyFormAuthenticator, right?
Yes I don't see better yet.
Well I need the request object because I need to handle the the data passed
from the OP to XWiki. So I can use only the XWikiContext object, username
and password are useless for me.
Ok
Hmm.. I would have said an action is the right thing (thinking of keeping
everything in the MVC architecture) but as already said I don't know what's
the best. Would be nice if a "expert" could help me with that question :-)
I wish you all a nice weekend,
Markus
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs
--
Thomas Mortagne
First of all the current architecture doesn't
support multiple
authenticators simultaneously (at least I didn't find how). I wanted to
add
OpenID as an additional (optional) authentication method as shown in my
proposal at http://dev.xwiki.org/xwiki/bin/view/Design/SingleSignOn. This
is
not possible with the current design - at least not in an elegant manner.
Should I add OpenID so that it is always shown if the MyFormAuthenticator
is
used? Or should I think about how we could make XWiki more flexible?
In the context of GSOC I think adding some if in the right places will
be enough. I
can't implement the whole XWikiAuthService interface because OpenID
doesn't use passwords. This could cause problems. Should we change that
interface or create a new one for authentication methods that rely only
on
XWikiContext?
Except it's not very clean, I don't see the problem with password
parameter. Do you say that you need something else or just that
password is useless ? The authentication need a complete refactor
(chained component, UI
modularity, parameters modularity, etc.) but I doubt this can be done
here. You already have lot of work do do ;)
I fear that's true :-)
I need a
mechanism to handle the response of the OpenID provider (at a
known
URL). What's the best approach for that? Using an action, a servlet, ...?
I
need to parse and evaluate the response and depending on return to the
login
form showing an error message or logging in the user and forwarding it to
the requested resource.
I would say servlet as it seems totally independent from XWiki
standard http process but i'm not the expert on that.
5968
days inactive
5969
days old
3 comments
2 participants
participants (2)
-
Markus Lanthaler -
Thomas Mortagne