jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Jaquith (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JSPWIKI-94) OpenID support
Date Tue, 24 Feb 2009 15:26:07 GMT

    [ https://issues.apache.org/jira/browse/JSPWIKI-94?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12676310#action_12676310

Andrew Jaquith commented on JSPWIKI-94:

OpenID support is important -- this is something I would like to take the lead on for 3.1.

One thing we will *not* do is allow users to specify arbitrary identity providers (OpenID
OPs) -- at least by default. That is dangerous because of the lack of assurance over authentication.
Instead, I think it would be good to simply allow the administrator to configure what OPs
they regard as trustworthy.

For admins who do want to allow arbitrary OPs, we should allow this as an override option.

> OpenID support
> --------------
>                 Key: JSPWIKI-94
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-94
>             Project: JSPWiki
>          Issue Type: New Feature
>          Components: Authentication&Authorization
>            Reporter: Janne Jalkanen
>            Priority: Minor
>             Fix For: 3.1
> Now that OpenID2.0 is launched, we should look seriously into enabling that as a way
to manage your JSPWiki identity.
> http://openid.net/2007/12/05/openid-2_0-final-ly/
> I don't want to put any specific version on this item - it'll come when someone is motivated
enough to make it work ;-).  But it's a good idea to keep here so that we don't forget about

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message