Re: [Framework-Team] PLIP Ticket # 10687
> > What will the result be? Will people be able to use the email address from > their Google account on a Plone site? Or their facebook login? > > > Wichert. > > -- > Wichert AkkermanIt is simple to make things. > http://www.wiggy.net/ It is hard to make things simple. > Yes, so a users personal information can be populated via OpenID Attribute Exchange which would pull the information from their OpenID provider and save it in Plone. In this iteration I'd like to support stable OpenID providers and that precludes Facebook unfortunately at this point. -- Christopher Warner http://cwarner.kernelcode.com ___ Framework-Team mailing list Framework-Team@lists.plone.org http://lists.plone.org/mailman/listinfo/framework-team
Re: [Framework-Team] PLIP Ticket # 10687
On 2010-7-21 20:15, Christopher Warner wrote: > It's just nomenclature. Essentially Aol, Yahoo, Google etc all provide > login via OpenID. However they also provide or use other "Federated" or > "One sign-on to rule them all" authentication systems. For instance; > Facebook has an openid endpoint (which tends to work sporadically); They > also have Facebook connect. Google tends to stick with email address or > OpenID. Aol the same. > > Most of these services don't publicly advertise their use of OpenID as > it kills mindshare and brand. Why sign-in to facebook with openid when > you could sign in via Facebook connect which essentially gets one to > login and use Facebook services. Same with all the others. You won't see > Yahoo promoting Google by saying "Did you know that you can login using > your Google account". Or vice versa. Since Plone as a CMS doesn't have > to be concerned about such things; we can be concerned about the overall > confusion the user must experience with the OpenID URL dialog and do so. > > So, the idea is to concentrate solely on OpenID as the solution to > single sign on and as Plone already supports OpenID. It's a two bird one > stone equation. A user will understand logging into Yahoo or Google more > readily than providing an OpenID URL. Thus, technically, any way you > look at it. By easing the opportunity via a click, they are using > OpenID, which makes it* *an easy and ubiquitous solution. What will the result be? Will people be able to use the email address from their Google account on a Plone site? Or their facebook login? Wichert. -- Wichert AkkermanIt is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Framework-Team mailing list Framework-Team@lists.plone.org http://lists.plone.org/mailman/listinfo/framework-team
Re: [Framework-Team] PLIP Ticket # 10687
On Wed, Jul 21, 2010 at 1:39 PM, Wichert Akkerman wrote: > On 2010-7-20 22:32, Christopher Warner wrote: > > http://dev.plone.org/plone/ticket/10687 > > > > Formally proposing Plone OpenID Federated Login: > > I read the ticket, but I still have no idea what a federated login is. > Is this an extension on top of OpenID? Is it something else? > > Wichert. > > -- > Wichert AkkermanIt is simple to make things. > http://www.wiggy.net/ It is hard to make things simple. > ___ > Framework-Team mailing list > Framework-Team@lists.plone.org > http://lists.plone.org/mailman/listinfo/framework-team > It's just nomenclature. Essentially Aol, Yahoo, Google etc all provide login via OpenID. However they also provide or use other "Federated" or "One sign-on to rule them all" authentication systems. For instance; Facebook has an openid endpoint (which tends to work sporadically); They also have Facebook connect. Google tends to stick with email address or OpenID. Aol the same. Most of these services don't publicly advertise their use of OpenID as it kills mindshare and brand. Why sign-in to facebook with openid when you could sign in via Facebook connect which essentially gets one to login and use Facebook services. Same with all the others. You won't see Yahoo promoting Google by saying "Did you know that you can login using your Google account". Or vice versa. Since Plone as a CMS doesn't have to be concerned about such things; we can be concerned about the overall confusion the user must experience with the OpenID URL dialog and do so. So, the idea is to concentrate solely on OpenID as the solution to single sign on and as Plone already supports OpenID. It's a two bird one stone equation. A user will understand logging into Yahoo or Google more readily than providing an OpenID URL. Thus, technically, any way you look at it. By easing the opportunity via a click, they are using OpenID, which makes it* *an easy and ubiquitous solution. As I don't readily have a study or statistics beyond my own anecdotal experience which spawned this whole thing and Google's own usability research[1] on the topic. I can't say if this will have its intended affect in all cases. In my users case clicking a button for the service they use the most and logging in without having to know a OpenID URL is much much more productive and I think it would be a minor usability update that will help the overall Plone community. 1. http://sites.google.com/site/oauthgoog/UXFedLogin/summary -- Christopher Warner http://cwarner.kernelcode.com ___ Framework-Team mailing list Framework-Team@lists.plone.org http://lists.plone.org/mailman/listinfo/framework-team
Re: [Framework-Team] PLIP Ticket # 10687
On 2010-7-20 22:32, Christopher Warner wrote: > http://dev.plone.org/plone/ticket/10687 > > Formally proposing Plone OpenID Federated Login: I read the ticket, but I still have no idea what a federated login is. Is this an extension on top of OpenID? Is it something else? Wichert. -- Wichert AkkermanIt is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Framework-Team mailing list Framework-Team@lists.plone.org http://lists.plone.org/mailman/listinfo/framework-team
[Framework-Team] PLIP Ticket # 10687
http://dev.plone.org/plone/ticket/10687 Formally proposing Plone OpenID Federated Login: Rough implementation here: http://github.com/christophwarner/plone.openid http://github.com/christophwarner/plone.app.openid Some vid capture of it working: http://bit.ly/dgB4M7 Per the ticket I'll get access to Plone SVN if it's different than my collective rights and summarily create the branches. -- Christopher Warner http://cwarner.kernelcode.com ___ Framework-Team mailing list Framework-Team@lists.plone.org http://lists.plone.org/mailman/listinfo/framework-team
