I'd like to make sure it's as transparent as possible for end-users. Ideally, once logged into hp.o, you won't have to login anywhere else within Habari. You also shouldn't have to type your OpenID login.
I think this could be accomplished by setting a site-wide cookie with your OpenID url/username, which the various systems could then auth against. I do think all contributors should have a "hub" profile, since that will include Habari-specific information. Maybe we could set it up so the hub is both an OpenID client & server. If you have an external OpenID, authentication would be delegated to it. Profile information would be pulled in, then fed out to the various apps. So, everyone would have a hp.o profile, with the option of delegating. Does that sound like it would work? On Jun 2, 2009, at 5:07 PM, Caius Durling wrote: > On 2 Jun 2009, at 21:49, Alex Hempton-Smith wrote: > >> So that's authentication covered, how do we share universal user >> data between the apps? > > > Its part of the OpenID spec, you can fill out an identity as part of > your OpenID profile, which you can then give apps access to. So > you'd fill in your info in the hp.o user profile bit and then > everything you used that OpenID server for could have access to that > data if you told it to. > > And for those of us that have existing open id profiles elsewhere, > we can just login with that profile - the habari system doesn't need > to care where the open id data comes from. > > C > --- > Caius Durling > [email protected] > +44 (0) 7960 268 100 > http://caius.name/ > --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/habari-dev -~----------~----~----~----~------~----~------~--~---
