Previously Shane Hathaway wrote:
Alternatively, I have wondered if we actually need full-blown SSO;
perhaps a carefully constructed domain-wide cookie would do the trick.
Any experiences with that?
auth_tkt based cookies sounds like a good option, possibly combined with
something like SQL or
Summary of messages to the zope-tests list.
Period Tue Feb 17 12:00:00 2009 UTC to Wed Feb 18 12:00:00 2009 UTC.
There were 8 messages: 8 from Zope Tests.
Test failures
-
Subject: FAILED (failures=1) : Zope-trunk-alltests Python-2.5.4 : Linux
From: Zope Tests
Date: Tue Feb 17
On Feb 17, 2009, at 7:55 PM, Shane Hathaway wrote:
Gary Poster wrote:
Launchpad uses OpenID. We don't have that slated for abstraction
and open-sourcing immediately. However, most of the Launchpad code
(including this bit) is to be open-sourced by this summer,
abstracted or not.
Gary Poster wrote:
We use the OpenID 2.0 identifier select URL. This is a special OpenID
url that
basically means: identity using whatever ID you have on that server.
The OpenID response will contain the actual OpenID identifier of the
user at
the end of the request.
So sites that
Shane Hathaway schreef:
* The SSO process should be very similar to an ordinary cookie-based
login process. I don't want the user to have to enter their username on
one form and their password on another, but that's the standard OpenID
process.
* This will be implemented in Zope 3.
Reinout van Rees wrote:
So: easiest way is to let some trusted apache plugin handle the hard
part and then laugh all the way to the bank with some 100-line
authentication plugin.
That would usually work, but in this case, customers will be doing their
own installation, so we need to keep
Today I ran into an exception masked by Zope 3. I found the code that
was masking the exception and fixed it locally, but since this small bit
of code has no docs or tests, I can't be sure I won't break stuff if I
check in my change. What do y'all think I should do?
Here is the patch:
On Wed, Feb 18, 2009 at 09:00:10AM -0500, Gary Poster wrote:
On Feb 17, 2009, at 7:55 PM, Shane Hathaway wrote:
Gary Poster wrote:
Launchpad uses OpenID. We don't have that slated for abstraction
and open-sourcing immediately. However, most of the Launchpad code
(including this
Marius Gedminas wrote:
It's my impression that launchpad.net is an OpenID provider only, while
Shane is trying to figure out how to use the OpenID consumer API in
AuthKit.
No. I am going after the more conventional single sign on use case
where many consumers depend on only one centralized