[xwiki-dev] [Proposal] OpenID support in XWiki
Sergiu Dumitriu
sergiu.dumitriu at gmail.com
Tue Mar 20 09:25:25 CET 2007
There's also Shibboleth, providing SAML. It has support for specifying
access rules, too, not just authentication.
+1 for me. Any extra authentication mechanism means more unique features for
XWiki.
http://shibboleth.internet2.edu/
http://en.wikipedia.org/wiki/SAML
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
http://jira.xwiki.org/jira/browse/XWIKI-402
P.S.: Welcome back, Artem.
On 3/20/07, Artem Melentyev <melenartem at ya.ru> wrote:
>
> Hi.
>
> I would like to propose the project:
>
> OpenID[1] support in XWiki.
>
> OpenID is an open, decentralized, free framework for user-centric
> digital identity. [1]
>
> 1) XWiki as openid consumer.
> Possibility to login into xwiki with openid.
> Value: major
>
> 2) XWiki as openid provider.
> Some users of xwiki will have openid account like username.xwiki.host
> or xwiki.host/openid/username
> For example users in xwiki.com will have openid = username.xwiki.com
> Value: minor
>
> User story:
> I have account and virtual wiki at username.xwiki.com.
> I wish to login with openid into xwiki.org.
> Standard authentication process with openid[3]:
> I enter to openid login form at xwiki.org my openid=username.xwiki.com,
> click sumbit.
> xwiki.org redirects me to openid authentication page in
> username.xwiki.com.
> I enter my password, click submit.
> username.xwiki.com redirects me back to xwiki.org.
> Done. I logined into xwiki.org with openid.
> If I already logined to username.xwiki.com, xwiki.org will not redirects
> me to username.xwiki.com, and I don't enter password.
> I may use my openid=username.xwiki.com as normal openid. For example I
> may write comments to livejournal.com with openid[2].
>
> Advantages:
> The User needs only one login for all xwikis and openid services.
> User's openid will be point at homepage on xwiki (possibly).
> Increase popularity of xwiki project:
> There are not much openid providers for now. [4]
> XWiki users will promote xwiki their openids (*.xwiki.com)
>
> There are also bounty($5000) for openid-enabled opensource projects:
> http://iwantmyopenid.org/bounty
>
> There are other authorization protocols, similar to the technology openid:
> http://lid.netmesh.org/
> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
> http://yadis.org/
> But it is not too common.
>
> Technical details:
> Possible openid implementations: http://code.google.com/p/openid4java/
> or http://code.google.com/p/joid/
> Consumer:
> Then user logins with openid first time, xwiki create special user
> like XWiki.openid_<user's openid> for a user settings storage.
> Provider:
> java servlet.
>
> WDYT?
>
> Is this project suitable for GSoC 2007?
> Estimated workload: 1-2 man/month
>
> References:
> [1] http://openid.net/
> [2] http://www.livejournal.com/openid/
> [3] http://openid.net/about.bml
> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>
> --
> Artem Melentyev, UralSU, CS401
>
>
--
http://purl.org/net/sergiu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.xwiki.org/pipermail/devs/attachments/20070320/db186a23/attachment.html
More information about the devs
mailing list