FYI. --HH.<br><br><div class="gmail_quote">---------- Forwarded message ----------<br>From: <b class="gmail_sendername">Bernie Innocenti</b> <span dir="ltr"><<a href="mailto:bernie@codewiz.org">bernie@codewiz.org</a>></span><br>
Date: Mon, Nov 10, 2008 at 11:50 PM<br>Subject: OpenID in the wiki<br>To: iaep <<a href="mailto:iaep@lists.sugarlabs.org">iaep@lists.sugarlabs.org</a>><br>Cc: Sugar List <<a href="mailto:sugar@laptop.org">sugar@laptop.org</a>>, Luke Faraone <<a href="mailto:luke@laptop.org">luke@laptop.org</a>>, Henry Hardy <<a href="mailto:hhardy01@gmail.com">hhardy01@gmail.com</a>>, <a href="mailto:evan@prodromou.name">evan@prodromou.name</a><br>
<br><br>Hello,<br>
<br>
we now have OpenID authentication on <a href="http://sugarlabs.org/" target="_blank">http://sugarlabs.org/</a> .<br>
Our OpenID implementation is advertised both as a client and a server, but .<br>
<br>
== OpenID client ==<br>
<br>
First of all, how do you get an OpenID? Surprise! You might already have<br>
one! See: <a href="http://openid.net/get/" target="_blank">http://openid.net/get/</a><br>
<br>
To use it, just click the "login with openid" link in the top-right corner<br>
of the page. If you are already logged in, log off first.<br>
<br>
The client implementation does not seem to support HTTP redirects (as in<br>
<a href="http://codewiz.org/" target="_blank">http://codewiz.org/</a>), but delegation (as in <a href="http://www.codewiz.org/wiki" target="_blank">http://www.codewiz.org/wiki</a>)<br>
works nicely.<br>
<br>
== OpenID server ==<br>
<br>
The server should theoretically allow you to use the URL to your user page<br>
(<a href="http://sugarlabs.org/go/User:YOURNAME" target="_blank">http://sugarlabs.org/go/User:YOURNAME</a>) to authenticate on other<br>
OpenID-enabled sites. I couldn't get it to work with SourceForge, but I<br>
have high hopes it would interoperate across two MediaWiki instances.<br>
<br>
Another annoyance is that, after you've bound your account to an external<br>
OpenID provider, you can't use your user page any longer to authenticate<br>
against sites. This binding seems to be permanent, and undoing it might<br>
require deleting the corresponding database record.<br>
<br>
OpenID is still a somewhat immature standard, but it shows promise and,<br>
more importantly, it's being adopted in several high profile sites.<br>
<br>
== Way forward ==<br>
<br>
I'm available to help install and configure the extension across the<br>
<a href="http://laptop.org" target="_blank">laptop.org</a> wikis, so we can share authentication. I will also look into<br>
OpenID plugins for Trac and the other web applications we currently use.<br>
<br>
I've also cc'd the author of the OpenID MediaWiki extension in case he can<br>
help clarify some of the issues described above.<br>
<font color="#888888"><br>
--<br>
// Bernie Innocenti - <a href="http://www.codewiz.org/" target="_blank">http://www.codewiz.org/</a><br>
\X/ Sugar Labs - <a href="http://www.sugarlabs.org/" target="_blank">http://www.sugarlabs.org/</a><br>
</font></div><br><br clear="all"><br>-- <br>...to live effectively is to live with adequate information.<br>--Norbert Wiener, Cybernetics, 1948<br>