[xwiki-dev] [Proposal] OpenID support in XWiki

Vincent Massol vincent at massol.net
Tue Mar 20 10:00:37 CET 2007 

+1 too.

And there's of course Liberty Aliance and its implementations. For  
example on Objectweb there's a new project called FererID (http:// 
federid.objectweb.org/) - BTW FederId uses XWiki for its site :)

Here's a description (in French): http://linuxfr.org/comments/ 
811999.html#811999

-Vincent

On Mar 20, 2007, at 9:25 AM, Sergiu Dumitriu wrote:

> There's also Shibboleth, providing SAML. It has support for  
> specifying access rules, too, not just authentication.
>
> +1 for me. Any extra authentication mechanism means more unique  
> features for XWiki.
>
> http://shibboleth.internet2.edu/
> http://en.wikipedia.org/wiki/SAML
> http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
> http://jira.xwiki.org/jira/browse/XWIKI-402
>
> P.S.: Welcome back, Artem.
>
> On 3/20/07, Artem Melentyev <melenartem at ya.ru> wrote:
> Hi.
>
> I would like to propose the project:
>
> OpenID[1] support in XWiki.
>
> OpenID is an open, decentralized, free framework for user-centric
> digital identity. [1]
>
> 1) XWiki as openid consumer.
>   Possibility to login into xwiki with openid.
> Value: major
>
> 2) XWiki as openid provider.
>   Some users of xwiki will have openid account like  
> username.xwiki.host
> or xwiki.host/openid/username
>   For example users in xwiki.com will have openid = username.xwiki.com
> Value: minor
>
> User story:
> I have account and virtual wiki at username.xwiki.com.
> I wish to login with openid into xwiki.org.
> Standard authentication process with openid[3]:
>   I enter to openid login form at xwiki.org my  
> openid=username.xwiki.com ,
>    click sumbit.
>   xwiki.org redirects me to openid authentication page in
>    username.xwiki.com.
>   I enter my password, click submit.
>   username.xwiki.com redirects me back to xwiki.org.
>   Done. I logined into xwiki.org with openid.
> If I already logined to username.xwiki.com, xwiki.org will not  
> redirects
> me to username.xwiki.com, and I don't enter password.
> I may use my openid=username.xwiki.com as normal openid. For example I
> may write comments to livejournal.com with openid[2].
>
> Advantages:
>   The User needs only one login for all xwikis and openid services.
>   User's openid will be point at homepage on xwiki (possibly).
>   Increase popularity of xwiki project:
>    There are not much openid providers for now. [4]
>    XWiki users will promote xwiki their openids (*.xwiki.com)
>
> There are also bounty($5000) for openid-enabled opensource projects:
> http://iwantmyopenid.org/bounty
>
> There are other authorization protocols, similar to the technology  
> openid:
> http://lid.netmesh.org/
> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
> http://yadis.org/
> But it is not too common.
>
> Technical details:
>   Possible openid implementations: http://code.google.com/p/ 
> openid4java/
>    or http://code.google.com/p/joid/
>   Consumer:
>    Then user logins with openid first time, xwiki create special user
>    like XWiki.openid_<user's openid> for a user settings storage.
>   Provider:
>    java servlet.
>
> WDYT?
>
> Is this project suitable for GSoC 2007?
> Estimated workload: 1-2 man/month
>
> References:
> [1] http://openid.net/
> [2] http://www.livejournal.com/openid/
> [3] http://openid.net/about.bml
> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>
> --
>    Artem Melentyev, UralSU, CS401
>
>
> -- 
> http://purl.org/net/sergiu
>
> --
> You receive this message as a subscriber of the xwiki- 
> dev at objectweb.org mailing list.
> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
> For general help: mailto:sympa at objectweb.org?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/ 
> wws

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.xwiki.org/pipermail/devs/attachments/20070320/4b479705/attachment.htm

More information about the devs mailing list