+1 too.
And there's of course Liberty Aliance and its implementations. For
example on Objectweb there's a new project called FererID (http://
811999.html#811999
-Vincent
On Mar 20, 2007, at 9:25 AM, Sergiu Dumitriu wrote:
There's also Shibboleth, providing SAML. It has
support for
specifying access rules, too, not just authentication.
+1 for me. Any extra authentication mechanism means more unique
features for XWiki.
http://shibboleth.internet2.edu/
http://en.wikipedia.org/wiki/SAML
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
http://jira.xwiki.org/jira/browse/XWIKI-402
P.S.: Welcome back, Artem.
On 3/20/07, Artem Melentyev <melenartem(a)ya.ru> wrote:
Hi.
I would like to propose the project:
OpenID[1] support in XWiki.
OpenID is an open, decentralized, free framework for user-centric
digital identity. [1]
1) XWiki as openid consumer.
Possibility to login into xwiki with openid.
Value: major
2) XWiki as openid provider.
Some users of xwiki will have openid account like
username.xwiki.host
or xwiki.host/openid/username
For example users in
xwiki.com will have openid =
username.xwiki.com
Value: minor
User story:
I have account and virtual wiki at
username.xwiki.com.
I wish to login with openid into
xwiki.org.
Standard authentication process with openid[3]:
I enter to openid login form at
xwiki.org my
openid=username.xwiki.com ,
click sumbit.
xwiki.org redirects me to openid authentication page in
username.xwiki.com.
I enter my password, click submit.
username.xwiki.com redirects me back to
xwiki.org.
Done. I logined into
xwiki.org with openid.
If I already logined to
username.xwiki.com,
xwiki.org will not
redirects
me to
username.xwiki.com, and I don't enter password.
I may use my
openid=username.xwiki.com as normal openid. For example I
may write comments to
livejournal.com with openid[2].
Advantages:
The User needs only one login for all xwikis and openid services.
User's openid will be point at homepage on xwiki (possibly).
Increase popularity of xwiki project:
There are not much openid providers for now. [4]
XWiki users will promote xwiki their openids (*.xwiki.com)
There are also bounty($5000) for openid-enabled opensource projects:
http://iwantmyopenid.org/bounty
There are other authorization protocols, similar to the technology
openid:
http://lid.netmesh.org/
http://en.wikipedia.org/wiki/Inames (inames mostly paid)
http://yadis.org/
But it is not too common.
Technical details:
Possible openid implementations:
http://code.google.com/p/
openid4java/
or
http://code.google.com/p/joid/
Consumer:
Then user logins with openid first time, xwiki create special user
like XWiki.openid_<user's openid> for a user settings storage.
Provider:
java servlet.
WDYT?
Is this project suitable for GSoC 2007?
Estimated workload: 1-2 man/month
References:
[1]
http://openid.net/
[2]
http://www.livejournal.com/openid/
[3]
http://openid.net/about.bml
[4]
http://openid.net/wiki/index.php/Public_OpenID_providers
--
Artem Melentyev, UralSU, CS401
--
http://purl.org/net/sergiu
--
You receive this message as a subscriber of the xwiki-
dev(a)objectweb.org mailing list.
To unsubscribe: mailto:xwiki-dev-unsubscribe@objectweb.org
For general help: mailto:sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home page:
http://www.objectweb.org/
wws