I want to do Stuff with OpenID. The way I see it, your OpenID right now can only replace your password, not your username, in many applications. That's because you want to be able to say:
http://some.web.app/user/USERNAME/whatever Putting your OpenID, which is a URL, where "USERNAME" appears is just weird. I've been wondering if the correct approach for handling this is to log in using only your OpenID, and then let you choose a profile from among those available. "profile" would replace the traditional "user" concept. Most users would only have one profile, and that would be that. Here are some thoughts: I am writing a wish list system. (See a forthcoming post.) I have a seven-month old daughter. I want to be able to manage both my wishlist and hers. I want both of these URLs to work: http://wishlist.xyz.zy/wishlist/rjbs http://wishlist.xyz.zy/wishlist/mjs ...and I want to be in charge of the content for both. In fact, I'd like my wife to be able to edit the content for both: http://wishlist.xyz.zy/wishlist/gloria http://wishlist.xyz.zy/wishlist/mjs One way is to say that user 'mjs' delegates some kind of permission to users rjbs and gloria. Another would be to make mjs be a group, and have both rjbs and mjs as admins of that group. (These two options are basically identical without further definition of user v. group, but I've said it anyway.) If a user isn't actually username/openid, but rather just openid, then there is a relationship like; openid A / is / rjbs openid A / is / mjs The problem, in my mind, with this, is that if there is no primary "user" associated with the login, then it will be weird to see equal billing given to your own data and the data of another identity that you use only rarely. Worse, there would be these data, too: openid B / is / gloria openid B / is / mjs Well, if A and B have equal reign over mjs, can one remove the other? Ugh. We probably will end up wanting some way to give B access to something without making it equivalent to the owner. So, I think maybe delegation is the right way to go. You'd have to create a new identity for each distinct, well, identity, but you could delegate permissions to other identities easily. There would be an rjbs/openid-A login and a gloria/openid-B login. Then there are a few ways to handle mjs: 1. there is mjs/openid-? which delegates to both rjbs and gloria 2. rjbs creates a second wishlist on his account and delegates permissions on that to gloria; now there is now 'mjs' username for URLs, but there is one shared, editable list. I know this is sort of a ramble, but it's something I'm thinking about now and then. Any other thoughts? -- rjbs --------------------------------------------------------------------- Web Archive: http://www.mail-archive.com/[email protected]/ http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2 To unsubscribe, or change your message delivery options, visit: http://www.erlbaum.net/mailman/listinfo/cgiapp
