I'm not sure prebuilt OpenID is the best solution for our needs. Ideally, we should be able to extend and add functionality as needed.
If we want to do that, it's probably best to have the "core" system (profiles, database) built on Habari. With that core in place, we should be able to build auth modules for other platforms. I don't think we should use a premade OpenID package, but maybe the core system could conform to the OpenID or OAuth specs? Also, don't forget Owen's point: any such solution should be able to integrate with both Trac and SVN. On Jun 2, 2009, at 6:09 AM, Alex Hempton-Smith wrote: > I've been looking at options for creating a single sign-on system > for each of the apps at the hp.o site. We ultimately need > integration between Habari/Trac/MediaWiki/Vanilla, I came to the > conclusion that with so many different systems, and the possibility > of more in the future if we choose, our user data should be in one > central place and shared with the apps as they need. > > The hub would contain data such as: > > username > password > email address > real name > > and perhaps more optional fields, if apps required them. > > I'm no expert on this, but openID [1] and the Simple Registration > Extension [2] seem to do the trick. The apps would authenticate > themselves with the openID server [3] on hp.o, which would grant > full access to all data, but only to apps on our domain [4]. The SR > extension would then give the apps the universal information they > need, and specific apps could save data for that user in their > relevant DB's using their username as a UID. > > I would love to hear any other ideas/improvements on how we can > achieve single sign-on for these systems. I think it's key we do > this at the same time as, and if not before, working on our Habari > profile system, with badges etc. > > -- Alex (Hempsworth) > > [1] Site: http://openid.net > [2] Spec: http://is.gd/M8s2 > [3] Different openID server options: http://is.gd/M8wW > [4] As discussed here: http://is.gd/M8u6 > > --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/habari-dev -~----------~----~----~----~------~----~------~--~---
