[
https://issues.apache.org/jira/browse/JSPWIKI-94?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12676322#action_12676322
]
Tilman Bender commented on JSPWIKI-94:
--------------------------------------
Andrew,
I am not sure if I got you right. What do you mean by the "lack of assurance
over authentication"? Somebody setting up a rogue OP to create fake profiles
for other people?
Could you please elaborate on the specific scenario you have in mind.
Couldn't the scenario look like this:
1. the wiki is non public
2. If a user with a new OpenID wants to register, they can do so (probably
using sreg, if supported by their OP).
3. If the OP is on the whitelist, all is fine. If not so, registration needs to
be confirmed by the wiki admin.
I know this isn't really the "everybody can edit" philosophy of a wiki, but as
we are talking about the need of authentication here, this should
not be an issue anyway.
> OpenID support
> --------------
>
> Key: JSPWIKI-94
> URL: https://issues.apache.org/jira/browse/JSPWIKI-94
> Project: JSPWiki
> Issue Type: New Feature
> Components: Authentication&Authorization
> Reporter: Janne Jalkanen
> Priority: Minor
> Fix For: 3.1
>
>
> Now that OpenID2.0 is launched, we should look seriously into enabling that
> as a way to manage your JSPWiki identity.
> http://openid.net/2007/12/05/openid-2_0-final-ly/
> I don't want to put any specific version on this item - it'll come when
> someone is motivated enough to make it work ;-). But it's a good idea to
> keep here so that we don't forget about it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
