[xwiki-dev] [Proposal] OpenID support in XWiki

Bradley Beddoes beddoes at intient.com
Tue Mar 20 12:51:51 CET 2007 

Vincent Massol wrote:
> 
> On Mar 20, 2007, at 12:40 PM, Bradley Beddoes wrote:
> 
>> Hi,
>> I will provide the list with links when things are available online, 
>> expected timeframe is about 3 weeks.
> 
> oh so it's not open source yet?

It hasn't been released at all yet still in final development/test and 
performance testing stages, when complete it will be licensed under the 
apache 2 license from day 1. (By "complete" it already is feature wise, 
we are just fine tuning performance at this stage really).

> 
> Is it going to be part of an existing open source community such as 
> Apache, Codehaus, ObjectWeb, etc?

No, it will have its own community site, tools etc available.

> 
> Thanks
> -Vincent
> 
>> Vincent Massol wrote:
>>> Hi Bradley,
>>> On Mar 20, 2007, at 12:16 PM, Bradley Beddoes wrote:
>>>> Hi,
>>>> I have a major piece of the SSO puzzle under development currently, 
>>>> due for release in the next few weeks which targets enterprises, it 
>>>> will be available under the apache 2.0 licence.
>>>>
>>>> It will allow applications such as xwiki to implement the SAML 2.0 
>>>> spec cleanly using an easy to adapt java library/filter combination 
>>>> between the application (xwiki) and a central point called the 
>>>> "enterprise sign on engine".
>>>>
>>>> The ESOE is an extremely intelligent piece of software supporting 
>>>> many types of internally facing enterprise SSO solutions including 
>>>> automatic sign on for windows machines connected to AD, login to 
>>>> windows, automatically logon to the web tier.
>>>>
>>>> Additionally it supports many external facing SSO solutions 
>>>> including OpenID, Shibboleth 1.3x and Yahoo BB auth to name just the 
>>>> starting line up, its extensible architecture means it can support 
>>>> anything new into the future.
>>>>
>>>> Essentially you make xwiki understand our single service provider 
>>>> and using the ESOE automatically get any kind of SSO/Authentication 
>>>> system available on the planet supported.
>>>>
>>>> If your interested and I hope you are I can post again when its out 
>>>> with the project URL.
>>> That sounds very cool. Could you post some links?
>>> Thanks
>>> -Vincent
>>>> jeremi joslin wrote:
>>>>> Hi Artem,
>>>>> I think it's a great idea. But I don't think it's very long to
>>>>> implement. I would prefer you to work on a more generic problematic of
>>>>> single sign on in xwiki.
>>>>> You can implement OpenId and another single sign on a more enterprise
>>>>> oriented than OpenId.
>>>>> WDYT?
>>>>> Jeremi
>>>>> On 3/20/07, Artem Melentyev <melenartem at ya.ru> wrote:
>>>>>> Hi.
>>>>>>
>>>>>> I would like to propose the project:
>>>>>>
>>>>>> OpenID[1] support in XWiki.
>>>>>>
>>>>>> OpenID is an open, decentralized, free framework for user-centric
>>>>>> digital identity. [1]
>>>>>>
>>>>>> 1) XWiki as openid consumer.
>>>>>>   Possibility to login into xwiki with openid.
>>>>>> Value: major
>>>>>>
>>>>>> 2) XWiki as openid provider.
>>>>>>   Some users of xwiki will have openid account like 
>>>>>> username.xwiki.host
>>>>>> or xwiki.host/openid/username
>>>>>>   For example users in xwiki.com will have openid = 
>>>>>> username.xwiki.com
>>>>>> Value: minor
>>>>>>
>>>>>> User story:
>>>>>> I have account and virtual wiki at username.xwiki.com.
>>>>>> I wish to login with openid into xwiki.org.
>>>>>> Standard authentication process with openid[3]:
>>>>>>   I enter to openid login form at xwiki.org my 
>>>>>> openid=username.xwiki.com,
>>>>>>    click sumbit.
>>>>>>   xwiki.org redirects me to openid authentication page in
>>>>>>    username.xwiki.com.
>>>>>>   I enter my password, click submit.
>>>>>>   username.xwiki.com redirects me back to xwiki.org.
>>>>>>   Done. I logined into xwiki.org with openid.
>>>>>> If I already logined to username.xwiki.com, xwiki.org will not 
>>>>>> redirects
>>>>>> me to username.xwiki.com, and I don't enter password.
>>>>>> I may use my openid=username.xwiki.com as normal openid. For 
>>>>>> example I
>>>>>> may write comments to livejournal.com with openid[2].
>>>>>>
>>>>>> Advantages:
>>>>>>   The User needs only one login for all xwikis and openid services.
>>>>>>   User's openid will be point at homepage on xwiki (possibly).
>>>>>>   Increase popularity of xwiki project:
>>>>>>    There are not much openid providers for now. [4]
>>>>>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>>>>>
>>>>>> There are also bounty($5000) for openid-enabled opensource projects:
>>>>>> http://iwantmyopenid.org/bounty
>>>>>>
>>>>>> There are other authorization protocols, similar to the technology 
>>>>>> openid:
>>>>>> http://lid.netmesh.org/
>>>>>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>>>>>> http://yadis.org/
>>>>>> But it is not too common.
>>>>>>
>>>>>> Technical details:
>>>>>>   Possible openid implementations: 
>>>>>> http://code.google.com/p/openid4java/
>>>>>>    or http://code.google.com/p/joid/
>>>>>>   Consumer:
>>>>>>    Then user logins with openid first time, xwiki create special user
>>>>>>    like XWiki.openid_<user's openid> for a user settings storage.
>>>>>>   Provider:
>>>>>>    java servlet.
>>>>>>
>>>>>> WDYT?
>>>>>>
>>>>>> Is this project suitable for GSoC 2007?
>>>>>> Estimated workload: 1-2 man/month
>>>>>>
>>>>>> References:
>>>>>> [1] http://openid.net/
>>>>>> [2] http://www.livejournal.com/openid/
>>>>>> [3] http://openid.net/about.bml
>>>>>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>>>>>
>>>>>> --   Artem Melentyev, UralSU, CS401
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --You receive this message as a subscriber of the 
>>>>>> xwiki-dev at objectweb.org mailing list.
>>>>>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>>>>>> For general help: mailto:sympa at objectweb.org?subject=help
>>>>>> ObjectWeb mailing lists service home page: 
>>>>>> http://www.objectweb.org/wws
>>>>>>
>>>>>>
>>>>> ------------------------------------------------------------------------ 
>>>>>
>>>>> --You receive this message as a subscriber of the 
>>>>> xwiki-dev at objectweb.org mailing list.
>>>>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>>>>> For general help: mailto:sympa at objectweb.org?subject=help
>>>>> ObjectWeb mailing lists service home page: 
>>>>> http://www.objectweb.org/wws
>>>>
>>>>
>>>> --Bradley Beddoes
>>>> Lead Software Architect
>>>>
>>>> http://intient.com
>>>> Intient - "Open Source, Open Standards"
>>>>
>>>>
>>>> --You receive this message as a subscriber of the 
>>>> xwiki-dev at objectweb.org mailing list.
>>>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>>>> For general help: mailto:sympa at objectweb.org?subject=help
>>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>> ------------------------------------------------------------------------
>>> -- 
>>> You receive this message as a subscriber of the 
>>> xwiki-dev at objectweb.org mailing list.
>>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>>> For general help: mailto:sympa at objectweb.org?subject=help
>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>> -- 
>> You receive this message as a subscriber of the 
>> xwiki-dev at objectweb.org mailing list.
>> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
>> For general help: mailto:sympa at objectweb.org?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
> 
> 
> 
> ------------------------------------------------------------------------
> 
> 
> --
> You receive this message as a subscriber of the xwiki-dev at objectweb.org mailing list.
> To unsubscribe: mailto:xwiki-dev-unsubscribe at objectweb.org
> For general help: mailto:sympa at objectweb.org?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws


-- 
Bradley Beddoes
Lead Software Architect

http://intient.com
Intient - "Open Source, Open Standards"

More information about the devs mailing list