Hello! There still is confusion around Accounts&SSO and what it does. Specifically, storing plain text passwords in it is under dispute.
Alberto closed a corresponding feature request in the MeeGo 1.0 time frame, saying that it works and gave some example code: http://bugs.meego.com/show_bug.cgi?id=5017 But now Sateesh disagrees and says that "retrieving the credentials is something that is not officially supported or is going to be removed and is not going to be supported in future." (http://bugs.meego.com/show_bug.cgi?id=8027#c4) We also don't have a UI for it, nor any of the plugins which presumably are needed for each online account that is meant to show up in Accounts&SSO. Someone needs to add that sooner or later, but at least I have no idea how to do that. So let's discuss one specific example: Google. The same username/password combination works in the web browser when accessing pages and in the SyncML server offered by Google for contact access. There are several open issues. Please correct/amend... * Define "Google" account. Done by writing a accounts-provider-plugin. Where is that API defined? How is such a plugin installed? Is there an example? * Define services offered by "Google". Done by writing one or more accounts-service-plugins. Same as before - API and example? Are service plugins optional if applications provide different ways of activating services? * Request account credentials. API is libsignon-qt/glib? User enters them in a dialog opened by signon-ui daemon, they get verified by accounts-provider-plugin. Are they returned to requesting app as explained in http://bugs.meego.com/show_bug.cgi?id=5017#c8 ? Does the accounts-provider-plugin have to do something for this to work? * Implement signon-ui daemon. API definition, skeleton example? * Adapt web browser. How does it know that pages under http://www.google.com (or some other domain!) match the account and/or services define before? * Adapt Buteo, as suggested in #5017. If it runs in the background, it probably should not pop up a dialog. SessionData has flags that control that. I looked at the available material. I found the *signon/account*-doc packages in MeeGo (kudos to the packager who was diligent enough to prepare them!) and libsignon-exampleplugin, libsignon-passwordplugin. Does libsignon-exampleplugin correspond to /usr/share/doc/signon-plugins-dev/example from libsignon-doc? What *kind* of plugin is it? There are very few comments in the source. What does libsignon-passwordplugin do? In #5017, one line says: /* the response() slot will be invoked, and there you can do: */ QString password = sessionData.Secret(); But SessionData in SignOn/SessionData of libsignon-devel-2.0-4.1.i586 does not contain such a Secret() method? -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ MeeGo-dev mailing list [email protected] http://lists.meego.com/listinfo/meego-dev
