On Feb 19, 2009, at 2:07 AM, Marius Gedminas wrote:
>
> I have the impression that you're talking past each other.
>
> There are two ways of using OpenID:
>
> * you can be an OpenID provider, i.e. accept logins with username &
>password and respond to authentication requests from other websit
Marius Gedminas wrote:
> It's my impression that launchpad.net is an OpenID provider only, while
> Shane is trying to figure out how to use the OpenID consumer API in
> AuthKit.
No. I am going after the more conventional single sign on use case
where many consumers depend on only one centralized
On Wed, Feb 18, 2009 at 09:00:10AM -0500, Gary Poster wrote:
> On Feb 17, 2009, at 7:55 PM, Shane Hathaway wrote:
>
> > Gary Poster wrote:
> >> Launchpad uses OpenID. We don't have that slated for abstraction
> >> and open-sourcing immediately. However, most of the Launchpad code
> >> (includ
Reinout van Rees wrote:
> So: easiest way is to let some trusted apache plugin handle the hard
> part and then laugh all the way to the bank with some 100-line
> authentication plugin.
That would usually work, but in this case, customers will be doing their
own installation, so we need to keep
Shane Hathaway schreef:
> * The SSO process should be very similar to an ordinary cookie-based
> login process. I don't want the user to have to enter their username on
> one form and their password on another, but that's the standard OpenID
> process.
>
> * This will be implemented in Zope 3
Gary Poster wrote:
> We use the OpenID 2.0 identifier select URL. This is a special OpenID
> url that
> basically means: identity using whatever ID you have on that server.
>
> The OpenID response will contain the actual OpenID identifier of the
> user at
> the end of the request.
>
> So site
On Feb 17, 2009, at 7:55 PM, Shane Hathaway wrote:
> Gary Poster wrote:
>> Launchpad uses OpenID. We don't have that slated for abstraction
>> and open-sourcing immediately. However, most of the Launchpad code
>> (including this bit) is to be open-sourced by this summer,
>> abstracted or n
Previously Shane Hathaway wrote:
> Alternatively, I have wondered if we actually need full-blown SSO;
> perhaps a carefully constructed domain-wide cookie would do the trick.
> Any experiences with that?
auth_tkt based cookies sounds like a good option, possibly combined with
something like SQL
Gary Poster wrote:
> Launchpad uses OpenID. We don't have that slated for abstraction and
> open-sourcing immediately. However, most of the Launchpad code
> (including this bit) is to be open-sourced by this summer, abstracted or
> not. Therefore, we should at least be able to give you some id
Hi Shane.
Launchpad uses OpenID. We don't have that slated for abstraction and
open-sourcing immediately. However, most of the Launchpad code
(including this bit) is to be open-sourced by this summer, abstracted
or not. Therefore, we should at least be able to give you some idea
of what
I'm working with a customer on a single sign on (SSO) system for Zope.
We haven't yet chosen which SSO system we want to use. I would like to
hear from anyone who has set up SSO with Zope.
We have some definite requirements:
* We can't accept arbitrary identities like OpenID normally does. We
11 matches
Mail list logo