Hi List, The current login mechanism is based on a username, a password, and an HTTPRequest. However, there are different ways in which we can establish identity. To name three, - username and password, as we have already, - external identification, e.g. OpenID which uses redirect to let the user 'prove' his identity, or - a certificate based mechanism, in which the user has some certificate to prove his identity, and perhaps we can come up with other ways we would like to support.
We probably do not want to _explicitly_ support these systems in our codebase, but rather have a generic mechanism into which we can 'plug' identify-providers, and ship Amdatu with a set of providers for the most popular mechanisms. Any thoughts? Angelo
