Now that Matt has upgraded us to Spring Security, I'm reviewing the
Open ID for Roller proposal again.
http://cwiki.apache.org/confluence/x/zVAB
The requirements section of the proposal is a little to complicated
and mixes in implementation details. Below are what I believe to be
the core requirements for the project, in priority order.
Open ID for Roller Requirements
1) Allow new users to register and login via OpenID
2) Allow existing users to login via OpenID
i.e. by associating a Roller user account with an Open ID identity
3) Allow those who wish to leave comments to login via OpenID
4) Allow users to associate multiple OpenID accounts with one Roller account
i.e. associate multiple Open ID identities with one Roller user
Does that sound complete?
Judging from the Spring Security 2.0 docs (http://tinyurl.com/3ne8pb),
supporting #1 should be pretty easy. We'll have to figure out how to
configure Spring Security, possibly adding some extension classes, to
support #2 through #4.
Allen Gillland raised a concern with adding OpenID specific fields to
Roller tables, but we do need some way to store a user's OpenID URI
(or list of URIs) in Roller. Could we do the same thing by adding a
new 'roller_openid' table?
- Dave
