Talk:User Authentication

From SackWiki

09:47<BlueCamel> does sack have sso?
09:48<jpayne> BlueCamel: not yet... i'll setup a wiki page for discussion once i have the namespace stuff done
09:48<BlueCamel> k
09:48<BlueCamel> I was thinking about using smtp auth backend as a poor-mans sso base
09:49<jpayne> 2 prerolled things come to mind... pubcookie and openID
09:49<jpayne> cheesy has concerns about openID security
09:50<jpayne> openID isn't really SSO though... more just single authenticator (but it'd be useful in a LOT more places than just the sackosphere)
09:51<jpayne> pubcookie really is SSO, but it'd only be good for *.sackheads.org stuff


List of sites with authentication:



PubCookie:

  • Rock solid. Used by at least one sack-employer. Limited to *.sackheads.org "properties"
  • Will require changes to sites to use RemoteUser from Apache. Certainly exists for mediawiki, but gallery2 and wpmu?
  • Needs a brand new authentication store

OpenID:

  • One "ID" to rule them all
    • Growing popularity across the interweb. sack openid would also authenticate to ANY site using OpenID.
  • Could use new authentication store, or existing mediawiki or wpmu
  • Security concerns
12:07<cheesy> From what I've read, openid is not very secure
12:12<nug> it isn't for online banking
12:20<cheesy> Just saying, we should probably do a basic analysis before plumping for it
12:21<nug> true
13:23<jpayne> i've seen one comment saying it has holes... and that was responded to with "well in the wpmu add-on yes, but not if it was in core"
13:24<cheesy> I saw something saying the protocol was inherently only suited to casual authentication

Per this, I don't think it actually works


jpayne 10:43, 28 January 2008 (EST)