https://bugzilla.wikimedia.org/show_bug.cgi?id=29027
Web browser: ---
Bug #: 29027
Summary: User account which acts as OpenID identity must have a
password associated also when $wgOpenIDOnly==true
Product: MediaWiki extensions
Version: any
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: OpenID
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
A problem arises when a wiki with the OpenID extension is set to allow OpenID
logins only ($wgOpenIDOnly=true), and when a user page url shall serve as
OpenID identity to another (wiki, non-wiki) site, and when no password is set
in the user's account.
The authentication process which is initiated by the other site then talks to
our wiki with the extension and prompts the user for their password - if they
are not logged in by cookie or session.
But there is no possibility for users to assign a password by themselves
because normal logins are disabled when having $wgOpenIDOnly=true.
There is also no way to let simply a temporary password be mailed, because
users cannot access the standard login page.
I will find a solution to this dilemma.
Also the theoretically possible solution "user must first login to the Wiki
usign OpenID and "change" their password does not work, because this currently
requires the knowledge of the "old" password - but there is no which is known
to the user"
(filed for better tracking)
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
