cubicweb #343801 have openid authentification [resolved]
title says it all. Be able to associate a login to an openid url and get the authentification from there. | |
| priority | important |
|---|---|
| type | enhancement |
| done in | 3.10.0 |
| load | 1.000 |
| load left | 0.000 |
| closed by | <not specified> |
similar entities
- Persona (byMozilla Identity team) (http://identity.mozilla.com/)
- cubicweb-trustedauth cw authentication plugin behind a trusted reverse proxy
- cubicweb-openidrelay OpenID 2.0 relay implementation
- cubicweb #1056022 enhance support for distributed config
- cubicweb #501411 look at foaf+ssl authentication
[see all]
Comments
-
2010/03/09 18:36, written by anon
-
2010/03/10 06:58, written by anon
- http://openid.net/get-an-openid/what-is-openid/
- http://openid.net/add-openid/
-
2010/03/10 09:53, written by nchauvat
-
2010/04/14 06:45
-
2010/09/01 10:36, written by acampeas
-
2010/09/01 14:12, written by acampeas
- http://oauth.net/
- http://hueniverse.com/oauth/
-
2010/09/01 14:49, written by acampeas
- http://yadis.org/wiki/Main_Page
-
2010/09/02 16:42, written by acampeas
- have (write) access to some specific tables
- ability to create a new cwuser
-
2010/09/08 15:07, written by acampeas
-
2010/09/06 13:28, written by acampeas
-
2010/09/06 13:46, written by nchauvat
-
2010/09/06 13:52, written by acampeas
-
2010/10/04 16:56, written by acampeas
add commentshould this ticket be implemented in cubicweb-registration instead ?
Being able to use a CW URL as an OpenId URL could be nice too. Maybe this is a separate ticket, though.
I believe the application being an openid provider is different from the application accepting openid for authentication.
Interesting read: http://blog.stackoverflow.com/2010/04/openid-one-year-later/
http://pypi.python.org/pypi/python-openid/ looks really good
also relevant:
also relevant:
Pb. while attempting to write a cube that implements OpenID authentication: the authentication chain is invoked either without any existing session or inbetween an already closed session and the yet-to-be opened session. That leaves us without any ability to write to the database.
The requirements for OpenID auth. to succeed are:
(so as to avoid the costly openid stateless mode)
would repo.internal_session work at this level ? (I expect it would not)
http://esw.w3.org/WebID is the new hot thing
ditch openid and jump there ?
WebID is also know as FOAF+SSL. We already have a ticket for FOAF+SSL... and we need to implement both OpenID and WebID. Having CW as an OpenID provider is not our top priority though.
The cube I did start working on (I should have marked this ticket as "ongoing", sorry) is indeed only concerned by the consummer/relay part of OpenID.
This ticket actually implements some required changes to make the openidrelay cuibe work.