Re: Should we remove openid from Sling's launchpad?
Not sure if we have to touch auth for Oak in general, I though the basics should work (but I'm not 100% sure). One more reason to switch to Oak once SLING-7 is out Carsten 2014-09-25 16:52 GMT+02:00 Oliver Lietz apa...@oliverlietz.de: On Wednesday 24 September 2014 16:03:28 Antonio Sanso wrote: On Sep 24, 2014, at 1:51 PM, Oliver Lietz apa...@oliverlietz.de wrote: On Wednesday 24 September 2014 11:13:59 Carsten Ziegeler wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? +1 +1 for removing broken stuff, but we should come up with an alternative. Maybe Antonio can step in and help with OpenID Connect which he started in 2013 (I already did an update in my whiteboard space back in April to make it at least compile). I wish to. The thing that made me stop working on it is that I am not “happy” with the current LoginModulePlugin approach (since is not ideal). It would be really nice to finally tackle https://issues.apache.org/jira/browse/SLING-2623 that I consider a blocker if we really want to have something as OAuth or OpenIdConnect (or any form of third party authentication…) I have skimmend through SLING-2623... our latest org.apache.sling.jcr.jackrabbit.server bundle already exports all packages from embedded Jackrabbit 2.6.5. The Auth XING modules in contrib do third party authentication but require repository users - would be cool to (optionally) get rid of them. And we need to touch authentication anyway when switching to Oak, no? So let's tackle it. O. regards antonio O. Carsten -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org
Re: Should we remove openid from Sling's launchpad?
On Wednesday 24 September 2014 16:03:28 Antonio Sanso wrote: On Sep 24, 2014, at 1:51 PM, Oliver Lietz apa...@oliverlietz.de wrote: On Wednesday 24 September 2014 11:13:59 Carsten Ziegeler wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? +1 +1 for removing broken stuff, but we should come up with an alternative. Maybe Antonio can step in and help with OpenID Connect which he started in 2013 (I already did an update in my whiteboard space back in April to make it at least compile). I wish to. The thing that made me stop working on it is that I am not “happy” with the current LoginModulePlugin approach (since is not ideal). It would be really nice to finally tackle https://issues.apache.org/jira/browse/SLING-2623 that I consider a blocker if we really want to have something as OAuth or OpenIdConnect (or any form of third party authentication…) I have skimmend through SLING-2623... our latest org.apache.sling.jcr.jackrabbit.server bundle already exports all packages from embedded Jackrabbit 2.6.5. The Auth XING modules in contrib do third party authentication but require repository users - would be cool to (optionally) get rid of them. And we need to touch authentication anyway when switching to Oak, no? So let's tackle it. O. regards antonio O. Carsten
Re: Should we remove openid from Sling's launchpad?
+1 for removing the openid bundle Robert On Wed, Sep 24, 2014 at 12:13 PM, Carsten Ziegeler cziege...@apache.org wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? Carsten -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org
Re: Should we remove openid from Sling's launchpad?
On Wednesday 24 September 2014 11:13:59 Carsten Ziegeler wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? +1 for removing broken stuff, but we should come up with an alternative. Maybe Antonio can step in and help with OpenID Connect which he started in 2013 (I already did an update in my whiteboard space back in April to make it at least compile). O. Carsten
Re: Should we remove openid from Sling's launchpad?
It seems we have to also remove the auth selector model which has hard coded stuff for open id in it. Not sure what it really does Carsten 2014-09-24 13:51 GMT+02:00 Oliver Lietz apa...@oliverlietz.de: On Wednesday 24 September 2014 11:13:59 Carsten Ziegeler wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? +1 for removing broken stuff, but we should come up with an alternative. Maybe Antonio can step in and help with OpenID Connect which he started in 2013 (I already did an update in my whiteboard space back in April to make it at least compile). O. Carsten -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org
Re: Should we remove openid from Sling's launchpad?
If no one objects I'll remove the auth selector as well - its really only usable with the openid stuff. Carsten 2014-09-24 15:04 GMT+02:00 Carsten Ziegeler cziege...@apache.org: It seems we have to also remove the auth selector model which has hard coded stuff for open id in it. Not sure what it really does Carsten 2014-09-24 13:51 GMT+02:00 Oliver Lietz apa...@oliverlietz.de: On Wednesday 24 September 2014 11:13:59 Carsten Ziegeler wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? +1 for removing broken stuff, but we should come up with an alternative. Maybe Antonio can step in and help with OpenID Connect which he started in 2013 (I already did an update in my whiteboard space back in April to make it at least compile). O. Carsten -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org
Re: Should we remove openid from Sling's launchpad?
On Sep 24, 2014, at 1:51 PM, Oliver Lietz apa...@oliverlietz.de wrote: On Wednesday 24 September 2014 11:13:59 Carsten Ziegeler wrote: Our launchpad currently contains openid support - which is old/not recommended to be used anymore. And maybe the implementation is also broken... So I think we should not have this in Sling-7 WDYT? +1 +1 for removing broken stuff, but we should come up with an alternative. Maybe Antonio can step in and help with OpenID Connect which he started in 2013 (I already did an update in my whiteboard space back in April to make it at least compile). I wish to. The thing that made me stop working on it is that I am not “happy” with the current LoginModulePlugin approach (since is not ideal). It would be really nice to finally tackle https://issues.apache.org/jira/browse/SLING-2623 that I consider a blocker if we really want to have something as OAuth or OpenIdConnect (or any form of third party authentication…) regards antonio O. Carsten
Re: Should we remove openid from Sling's launchpad?
On Wednesday 24 September 2014 15:04:50 Carsten Ziegeler wrote: It seems we have to also remove the auth selector model which has hard coded stuff for open id in it. Not sure what it really does AFAIR it's for switching auth modules from a user's pov (selecting). It depends on Form and OpenID modules. O.
Re: Should we remove openid from Sling's launchpad?
Right, so it's use is really limited to the openid stuff - so I removed it from launchpad and moved the module to the contrib section Regards Carsten 2014-09-24 17:32 GMT+02:00 Oliver Lietz apa...@oliverlietz.de: On Wednesday 24 September 2014 15:04:50 Carsten Ziegeler wrote: It seems we have to also remove the auth selector model which has hard coded stuff for open id in it. Not sure what it really does AFAIR it's for switching auth modules from a user's pov (selecting). It depends on Form and OpenID modules. O. -- Carsten Ziegeler Adobe Research Switzerland cziege...@apache.org