Return-Path: Delivered-To: apmail-incubator-jspwiki-dev-archive@minotaur.apache.org Received: (qmail 84319 invoked from network); 24 Feb 2009 15:26:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Feb 2009 15:26:36 -0000 Received: (qmail 28525 invoked by uid 500); 24 Feb 2009 15:26:35 -0000 Delivered-To: apmail-incubator-jspwiki-dev-archive@incubator.apache.org Received: (qmail 28512 invoked by uid 500); 24 Feb 2009 15:26:35 -0000 Mailing-List: contact jspwiki-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jspwiki-dev@incubator.apache.org Delivered-To: mailing list jspwiki-dev@incubator.apache.org Received: (qmail 28501 invoked by uid 99); 24 Feb 2009 15:26:35 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 24 Feb 2009 07:26:35 -0800 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 24 Feb 2009 15:26:27 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 94F39234C48C for ; Tue, 24 Feb 2009 07:26:07 -0800 (PST) Message-ID: <403527721.1235489167595.JavaMail.jira@brutus> Date: Tue, 24 Feb 2009 07:26:07 -0800 (PST) From: "Andrew Jaquith (JIRA)" To: jspwiki-dev@incubator.apache.org Subject: [jira] Commented: (JSPWIKI-94) OpenID support In-Reply-To: <12145556.1196892224922.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/JSPWIKI-94?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12676310#action_12676310 ] Andrew Jaquith commented on JSPWIKI-94: --------------------------------------- OpenID support is important -- this is something I would like to take the lead on for 3.1. One thing we will *not* do is allow users to specify arbitrary identity providers (OpenID OPs) -- at least by default. That is dangerous because of the lack of assurance over authentication. Instead, I think it would be good to simply allow the administrator to configure what OPs they regard as trustworthy. For admins who do want to allow arbitrary OPs, we should allow this as an override option. > OpenID support > -------------- > > Key: JSPWIKI-94 > URL: https://issues.apache.org/jira/browse/JSPWIKI-94 > Project: JSPWiki > Issue Type: New Feature > Components: Authentication&Authorization > Reporter: Janne Jalkanen > Priority: Minor > Fix For: 3.1 > > > Now that OpenID2.0 is launched, we should look seriously into enabling that as a way to manage your JSPWiki identity. > http://openid.net/2007/12/05/openid-2_0-final-ly/ > I don't want to put any specific version on this item - it'll come when someone is motivated enough to make it work ;-). But it's a good idea to keep here so that we don't forget about it. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.