Re: openid support

Thu, 19 Apr 2012 23:34:16 -0700 

Hi Sam,

What proposes Adam is not exactly related. He proposes to introduce a way for 
OFBiz to be an OpenId server.. 
And yes we already discussed about using Shiro in OFBiz. But we also agreed 
recently to focus our efforts on the "slim down" action...

Jacques
  ----- Original Message ----- 
  From: Sam Hamilton 
  To: dev@ofbiz.apache.org 
  Sent: Friday, April 20, 2012 5:39 AM
  Subject: Re: openid support


  Hey Guys, 


  We are soon going to need OAuth support to allow external users to log into 
OFBiz Ecommerce site, which I believe is similar in design to openid. 
  Just wondering if you considered using Apache Shiro http://shiro.apache.org/ 
to help manage the different authentication systems as plugins? If you are 
having to touch all those parts of the framework is it worth thinking about 
changing the system to something that already does this stuff out the box?


  Thanks
  Sam




  On 20 Apr 2012, at 07:10, Scott Gray wrote:



    On 20/04/2012, at 9:40 AM, Adam Heath wrote:


      On 04/19/2012 04:28 PM, Jacques Le Roux wrote:

        Hi Adam,



        The recent trend is to "slim down" OFBiz. This could be one of the

        Apache OFBiz Extras



        If someone needs it it pick up from there, et voilĂ 



      There are multiple layers.  framework/openid, which has the basic

      logic, but not any of the AX extensions.  applications/openidext,

      which then can pull in Person firstName/lastName, ContactMech(ICQ,

      website, phone, etc).



      I'd really prefer to have the former in framework.



      But I guess I need to wait until I can verify it actually works before

      sending it(it does internally, but I need to check it again).


    Perhaps consider putting a patch in jira for review? A new folder under 
both applications and framework seems pretty heavy handed for something that 
sounds so simple.  If they're both just components then there's also no reason 
why they need to be in OFBiz rather than distributed separately unless we know 
they're going to see a reasonable amount of use from the community.

    I think this is going to become a recurring problem though, people will 
always want their components in OFBiz proper for fear of them being 
ignored/invisible if distributed by any other means.  What this project really 
needs is an "extensions" website that acts as an aggregator for 3rd party 
components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so 
manner other extensible applications.  If it had a rating/review system then 
that could help us evaluate potential components for inclusion in the core 
distribution (assuming an appropriate license).

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply via email to