On 09/24/2013 07:01 PM, Atwood, Mark wrote: > | It's actually opposite of how you describe. Writing a good OpenID consumer > is hard due to user interface design issues, > | especially since most people (even most technical people) have no idea how > to properly use OpenID. Education efforts > | have been ongoing for 8 years, so that won't really help either. > > Except that in our case, all our apps are *already* OpenID consumers. There > is no additional education or development needed here. > > Standing up another provider is more work. Making our existing apps be > provider agnostic is less.
Not true. You're forgetting user interface. Currently, we have passthrough SSO. That means you, at worst, click "login" then get redirected, then click OK, then get redirected. Done. If we went to "any provider" - you'd have to click "login" - then enter your OpenID - which will confuse almost every single developer we have, since only a handful of us in the world actually understand OpenID, then they will all come to #openstack-infra and ask questions. Then they will get it wrong. Then they will mistype their OpenID. Then they WON'T HAVE ONE... then they'll get it wrong again... and a giant pile of fail will ensue. _______________________________________________ OpenStack-Infra mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
