Hi Sam, What proposes Adam is not exactly related. He proposes to introduce a way for OFBiz to be an OpenId server.. And yes we already discussed about using Shiro in OFBiz. But we also agreed recently to focus our efforts on the "slim down" action...
Jacques ----- Original Message ----- From: Sam Hamilton To: dev@ofbiz.apache.org Sent: Friday, April 20, 2012 5:39 AM Subject: Re: openid support Hey Guys, We are soon going to need OAuth support to allow external users to log into OFBiz Ecommerce site, which I believe is similar in design to openid. Just wondering if you considered using Apache Shiro http://shiro.apache.org/ to help manage the different authentication systems as plugins? If you are having to touch all those parts of the framework is it worth thinking about changing the system to something that already does this stuff out the box? Thanks Sam On 20 Apr 2012, at 07:10, Scott Gray wrote: On 20/04/2012, at 9:40 AM, Adam Heath wrote: On 04/19/2012 04:28 PM, Jacques Le Roux wrote: Hi Adam, The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras If someone needs it it pick up from there, et voilĂ There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech(ICQ, website, phone, etc). I'd really prefer to have the former in framework. But I guess I need to wait until I can verify it actually works before sending it(it does internally, but I need to check it again). Perhaps consider putting a patch in jira for review? A new folder under both applications and framework seems pretty heavy handed for something that sounds so simple. If they're both just components then there's also no reason why they need to be in OFBiz rather than distributed separately unless we know they're going to see a reasonable amount of use from the community. I think this is going to become a recurring problem though, people will always want their components in OFBiz proper for fear of them being ignored/invisible if distributed by any other means. What this project really needs is an "extensions" website that acts as an aggregator for 3rd party components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so manner other extensible applications. If it had a rating/review system then that could help us evaluate potential components for inclusion in the core distribution (assuming an appropriate license).
smime.p7s
Description: S/MIME cryptographic signature