I believe there are better solutions to provide central authentication authority functions.
>ps: good look finding any good examples for providers for those services. I wouldn't want my Business Application eco-system to be the authentication provider for (tens of) thousands of users for other websites (and functions) and have my computer resources consumed for that process and thus proposing risks to me doing my business or to the tenants that use my system. Please also look at http://en.wikipedia.org/wiki/OpenID regarding the controversies before deciding on this. -1 on incorporation in framework +1 on Apache EXTRA Regards, Pierre Op 20 april 2012 16:43 schreef Adam Heath <doo...@brainfood.com> het volgende: > On 04/20/2012 01:32 AM, Jacques Le Roux wrote: > >> Hi Sam, >> What proposes Adam is not exactly related. He proposes to introduce a >> way for OFBiz to be an OpenId server.. >> And yes we already discussed about using Shiro in OFBiz. But we also >> agreed recently to focus our efforts on the "slim down" action... >> Jacques >> > > Exactly. In this case, ofbiz is like yahoo or google or facebook. Since > ofbiz is supposed to be the controller for your entire business, why > shouldn't it also be the central authentication authority as well? > > ps: good look finding any good examples for providers for those services. >