On Wed, Jul 21, 2010 at 1:39 PM, Wichert Akkerman <wich...@wiggy.net> wrote:

> On 2010-7-20 22:32, Christopher Warner wrote:
> > http://dev.plone.org/plone/ticket/10687
> >
> > Formally proposing Plone OpenID Federated Login:
> I read the ticket, but I still have no idea what a federated login is.
> Is this an extension on top of OpenID? Is it something else?
> Wichert.
> --
> Wichert Akkerman <wich...@wiggy.net>   It is simple to make things.
> http://www.wiggy.net/                  It is hard to make things simple.
> _______________________________________________
> Framework-Team mailing list
> Framework-Team@lists.plone.org
> http://lists.plone.org/mailman/listinfo/framework-team

It's just nomenclature. Essentially Aol, Yahoo, Google etc all provide login
via OpenID. However they also provide or use other "Federated" or "One
sign-on to rule them all" authentication systems. For instance; Facebook has
an openid endpoint (which tends to work sporadically); They also have
Facebook connect. Google tends to stick with email address or OpenID. Aol
the same.

Most of these services don't publicly advertise their use of OpenID as it
kills mindshare and brand. Why sign-in to facebook with openid when you
could sign in via Facebook connect which essentially gets one to login and
use Facebook services. Same with all the others. You won't see Yahoo
promoting Google by saying "Did you know that you can login using your
Google account". Or vice versa. Since Plone as a CMS doesn't have to be
concerned about such things; we can be concerned about the overall confusion
the user must experience with the OpenID URL dialog and do so.

So, the idea is to concentrate solely on OpenID as the solution to single
sign on and as Plone already supports OpenID. It's a two bird one stone
equation. A user will understand logging into Yahoo or Google more readily
than providing an OpenID URL. Thus, technically, any way you look at it. By
easing the opportunity via a click, they are using OpenID, which makes it* *an
easy and ubiquitous solution.

As I don't readily have a study or statistics beyond my own anecdotal
experience which spawned this whole thing and Google's own usability
research[1] on the topic. I can't say if this will have its intended affect
in all cases. In my users case clicking a button for the service they use
the most and logging in without having to know a OpenID URL is much much
more productive and I think it would be a minor usability update that will
help the overall Plone community.

   1. http://sites.google.com/site/oauthgoog/UXFedLogin/summary

Christopher Warner
Framework-Team mailing list

Reply via email to