[xwiki-dev] [Proposal] OpenID support in XWiki

Bradley Beddoes beddoes at intient.com
Tue Mar 20 12:40:14 CET 2007 

Hi,
I will provide the list with links when things are available online, 
expected timeframe is about 3 weeks.

regards,
Bradley

-- 
Bradley Beddoes
Lead Software Architect

http://intient.com
Intient - "Open Source, Open Standards"

Vincent Massol wrote:
> Hi Bradley,
> 
> On Mar 20, 2007, at 12:16 PM, Bradley Beddoes wrote:
> 
>> Hi,
>> I have a major piece of the SSO puzzle under development currently, 
>> due for release in the next few weeks which targets enterprises, it 
>> will be available under the apache 2.0 licence.
>>
>> It will allow applications such as xwiki to implement the SAML 2.0 
>> spec cleanly using an easy to adapt java library/filter combination 
>> between the application (xwiki) and a central point called the 
>> "enterprise sign on engine".
>>
>> The ESOE is an extremely intelligent piece of software supporting many 
>> types of internally facing enterprise SSO solutions including 
>> automatic sign on for windows machines connected to AD, login to 
>> windows, automatically logon to the web tier.
>>
>> Additionally it supports many external facing SSO solutions including 
>> OpenID, Shibboleth 1.3x and Yahoo BB auth to name just the starting 
>> line up, its extensible architecture means it can support anything new 
>> into the future.
>>
>> Essentially you make xwiki understand our single service provider and 
>> using the ESOE automatically get any kind of SSO/Authentication system 
>> available on the planet supported.
>>
>> If your interested and I hope you are I can post again when its out 
>> with the project URL.
> 
> That sounds very cool. Could you post some links?
> 
> Thanks
> -Vincent
> 
>> jeremi joslin wrote:
>>> Hi Artem,
>>> I think it's a great idea. But I don't think it's very long to
>>> implement. I would prefer you to work on a more generic problematic of
>>> single sign on in xwiki.
>>> You can implement OpenId and another single sign on a more enterprise
>>> oriented than OpenId.
>>> WDYT?
>>> Jeremi
>>> On 3/20/07, Artem Melentyev <melenartem at ya.ru> wrote:
>>>> Hi.
>>>>
>>>> I would like to propose the project:
>>>>
>>>> OpenID[1] support in XWiki.
>>>>
>>>> OpenID is an open, decentralized, free framework for user-centric
>>>> digital identity. [1]
>>>>
>>>> 1) XWiki as openid consumer.
>>>>   Possibility to login into xwiki with openid.
>>>> Value: major
>>>>
>>>> 2) XWiki as openid provider.
>>>>   Some users of xwiki will have openid account like username.xwiki.host
>>>> or xwiki.host/openid/username
>>>>   For example users in xwiki.com will have openid = username.xwiki.com
>>>> Value: minor
>>>>
>>>> User story:
>>>> I have account and virtual wiki at username.xwiki.com.
>>>> I wish to login with openid into xwiki.org.
>>>> Standard authentication process with openid[3]:
>>>>   I enter to openid login form at xwiki.org my 
>>>> openid=username.xwiki.com,
>>>>    click sumbit.
>>>>   xwiki.org redirects me to openid authentication page in
>>>>    username.xwiki.com.
>>>>   I enter my password, click submit.
>>>>   username.xwiki.com redirects me back to xwiki.org.
>>>>   Done. I logined into xwiki.org with openid.
>>>> If I already logined to username.xwiki.com, xwiki.org will not 
>>>> redirects
>>>> me to username.xwiki.com, and I don't enter password.
>>>> I may use my openid=username.xwiki.com as normal openid. For example I
>>>> may write comments to livejournal.com with openid[2].
>>>>
>>>> Advantages:
>>>>   The User needs only one login for all xwikis and openid services.
>>>>   User's openid will be point at homepage on xwiki (possibly).
>>>>   Increase popularity of xwiki project:
>>>>    There are not much openid providers for now. [4]
>>>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>>>
>>>> There are also bounty($5000) for openid-enabled opensource projects:
>>>> http://iwantmyopenid.org/bounty
>>>>
>>>> There are other authorization protocols, similar to the technology 
>>>> openid:
>>>> http://lid.netmesh.org/
>>>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>>>> http://yadis.org/
>>>> But it is not too common.
>>>>
>>>> Technical details:
>>>>   Possible openid implementations: 
>>>> http://code.google.com/p/openid4java/
>>>>    or http://code.google.com/p/joid/
>>>>   Consumer:
>>>>    Then user logins with openid first time, xwiki create special user
>>>>    like XWiki.openid_<user's openid> for a user settings storage.
>>>>   Provider:
>>>>    java servlet.
>>>>
>>>> WDYT?
>>>>
>>>> Is this project suitable for GSoC 2007?
>>>> Estimated workload: 1-2 man/month
>>>>
>>>> References:
>>>> [1] http://openid.net/
>>>> [2] http://www.livejournal.com/openid/
>>>> [3] http://openid.net/about.bml
>>>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>>>
>>>> --   Artem Melentyev, UralSU, CS401
>>>>
>>>>
>>>>
>>>>
>>>> --You receive this message as a subscriber of the 
>>>> xwiki-dev at objectweb.org mailing list.
>>>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>>>> For general help: mailto:sympa at objectweb.org?subject=help
>>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>>>
>>>>
>>> ------------------------------------------------------------------------
>>> -- 
>>> You receive this message as a subscriber of the 
>>> xwiki-dev at objectweb.org mailing list.
>>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>>> For general help: mailto:sympa at objectweb.org?subject=help
>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>> --Bradley Beddoes
>> Lead Software Architect
>>
>> http://intient.com
>> Intient - "Open Source, Open Standards"
>>
>>
>> -- 
>> You receive this message as a subscriber of the 
>> xwiki-dev at objectweb.org mailing list.
>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>> For general help: mailto:sympa at objectweb.org?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
> 
> 
> 
> ------------------------------------------------------------------------
> 
> 
> --
> You receive this message as a subscriber of the xwiki-dev at objectweb.org mailing list.
> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
> For general help: mailto:sympa at objectweb.org?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws

More information about the devs mailing list