[Proposal] OpenID support in XWiki

classic Classic list List threaded Threaded
16 messages Options
Reply | Threaded
Open this post in threaded view
|

[Proposal] OpenID support in XWiki

Artem Melentyev-2
Hi.

I would like to propose the project:

OpenID[1] support in XWiki.

OpenID is an open, decentralized, free framework for user-centric
digital identity. [1]

1) XWiki as openid consumer.
  Possibility to login into xwiki with openid.
Value: major

2) XWiki as openid provider.
  Some users of xwiki will have openid account like username.xwiki.host
or xwiki.host/openid/username
  For example users in xwiki.com will have openid = username.xwiki.com
Value: minor

User story:
I have account and virtual wiki at username.xwiki.com.
I wish to login with openid into xwiki.org.
Standard authentication process with openid[3]:
  I enter to openid login form at xwiki.org my openid=username.xwiki.com,
   click sumbit.
  xwiki.org redirects me to openid authentication page in
   username.xwiki.com.
  I enter my password, click submit.
  username.xwiki.com redirects me back to xwiki.org.
  Done. I logined into xwiki.org with openid.
If I already logined to username.xwiki.com, xwiki.org will not redirects
me to username.xwiki.com, and I don't enter password.
I may use my openid=username.xwiki.com as normal openid. For example I
may write comments to livejournal.com with openid[2].

Advantages:
  The User needs only one login for all xwikis and openid services.
  User's openid will be point at homepage on xwiki (possibly).
  Increase popularity of xwiki project:
   There are not much openid providers for now. [4]
   XWiki users will promote xwiki their openids (*.xwiki.com)

There are also bounty($5000) for openid-enabled opensource projects:
http://iwantmyopenid.org/bounty

There are other authorization protocols, similar to the technology openid:
http://lid.netmesh.org/
http://en.wikipedia.org/wiki/Inames (inames mostly paid)
http://yadis.org/
But it is not too common.

Technical details:
  Possible openid implementations: http://code.google.com/p/openid4java/
   or http://code.google.com/p/joid/
  Consumer:
   Then user logins with openid first time, xwiki create special user
   like XWiki.openid_<user's openid> for a user settings storage.
  Provider:
   java servlet.

WDYT?

Is this project suitable for GSoC 2007?
Estimated workload: 1-2 man/month

References:
[1] http://openid.net/
[2] http://www.livejournal.com/openid/
[3] http://openid.net/about.bml
[4] http://openid.net/wiki/index.php/Public_OpenID_providers

--
   Artem Melentyev, UralSU, CS401




--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

Sergiu Dumitriu
There's also Shibboleth, providing SAML. It has support for specifying access rules, too, not just authentication.

+1 for me. Any extra authentication mechanism means more unique features for XWiki.

http://shibboleth.internet2.edu/
http://en.wikipedia.org/wiki/SAML
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
http://jira.xwiki.org/jira/browse/XWIKI-402

P.S.: Welcome back, Artem.

On 3/20/07, Artem Melentyev <[hidden email]> wrote:
Hi.

I would like to propose the project:

OpenID[1] support in XWiki.

OpenID is an open, decentralized, free framework for user-centric
digital identity. [1]

1) XWiki as openid consumer.
  Possibility to login into xwiki with openid.
Value: major

2) XWiki as openid provider.
  Some users of xwiki will have openid account like username.xwiki.host
or xwiki.host/openid/username
  For example users in xwiki.com will have openid = username.xwiki.com
Value: minor

User story:
I have account and virtual wiki at username.xwiki.com.
I wish to login with openid into xwiki.org.
Standard authentication process with openid[3]:
  I enter to openid login form at xwiki.org my openid=username.xwiki.com ,
   click sumbit.
  xwiki.org redirects me to openid authentication page in
   username.xwiki.com.
  I enter my password, click submit.
  username.xwiki.com redirects me back to xwiki.org.
  Done. I logined into xwiki.org with openid.
If I already logined to username.xwiki.com, xwiki.org will not redirects
me to username.xwiki.com, and I don't enter password.
I may use my openid=username.xwiki.com as normal openid. For example I
may write comments to livejournal.com with openid[2].

Advantages:
  The User needs only one login for all xwikis and openid services.
  User's openid will be point at homepage on xwiki (possibly).
  Increase popularity of xwiki project:
   There are not much openid providers for now. [4]
   XWiki users will promote xwiki their openids (*.xwiki.com)

There are also bounty($5000) for openid-enabled opensource projects:
http://iwantmyopenid.org/bounty

There are other authorization protocols, similar to the technology openid:
http://lid.netmesh.org/
http://en.wikipedia.org/wiki/Inames (inames mostly paid)
http://yadis.org/
But it is not too common.

Technical details:
  Possible openid implementations: http://code.google.com/p/openid4java/
   or http://code.google.com/p/joid/
  Consumer:
   Then user logins with openid first time, xwiki create special user
   like XWiki.openid_<user's openid> for a user settings storage.
  Provider:
   java servlet.

WDYT?

Is this project suitable for GSoC 2007?
Estimated workload: 1-2 man/month

References:
[1] http://openid.net/
[2] http://www.livejournal.com/openid/
[3] http://openid.net/about.bml
[4] http://openid.net/wiki/index.php/Public_OpenID_providers

--
   Artem Melentyev, UralSU, CS401


--
http://purl.org/net/sergiu

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

vmassol
Administrator
+1 too.

And there's of course Liberty Aliance and its implementations. For example on Objectweb there's a new project called FererID (http://federid.objectweb.org/) - BTW FederId uses XWiki for its site :)

Here's a description (in French): http://linuxfr.org/comments/811999.html#811999

-Vincent
 
On Mar 20, 2007, at 9:25 AM, Sergiu Dumitriu wrote:

There's also Shibboleth, providing SAML. It has support for specifying access rules, too, not just authentication.

+1 for me. Any extra authentication mechanism means more unique features for XWiki.

http://shibboleth.internet2.edu/
http://en.wikipedia.org/wiki/SAML
http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
http://jira.xwiki.org/jira/browse/XWIKI-402

P.S.: Welcome back, Artem.

On 3/20/07, Artem Melentyev <[hidden email]> wrote:
Hi.

I would like to propose the project:

OpenID[1] support in XWiki.

OpenID is an open, decentralized, free framework for user-centric
digital identity. [1]

1) XWiki as openid consumer.
  Possibility to login into xwiki with openid.
Value: major

2) XWiki as openid provider.
  Some users of xwiki will have openid account like username.xwiki.host
or xwiki.host/openid/username
  For example users in xwiki.com will have openid = username.xwiki.com
Value: minor

User story:
I have account and virtual wiki at username.xwiki.com.
I wish to login with openid into xwiki.org.
Standard authentication process with openid[3]:
  I enter to openid login form at xwiki.org my openid=username.xwiki.com ,
   click sumbit.
  xwiki.org redirects me to openid authentication page in
   username.xwiki.com.
  I enter my password, click submit.
  username.xwiki.com redirects me back to xwiki.org.
  Done. I logined into xwiki.org with openid.
If I already logined to username.xwiki.com, xwiki.org will not redirects
me to username.xwiki.com, and I don't enter password.
I may use my openid=username.xwiki.com as normal openid. For example I
may write comments to livejournal.com with openid[2].

Advantages:
  The User needs only one login for all xwikis and openid services.
  User's openid will be point at homepage on xwiki (possibly).
  Increase popularity of xwiki project:
   There are not much openid providers for now. [4]
   XWiki users will promote xwiki their openids (*.xwiki.com)

There are also bounty($5000) for openid-enabled opensource projects:
http://iwantmyopenid.org/bounty

There are other authorization protocols, similar to the technology openid:
http://lid.netmesh.org/
http://en.wikipedia.org/wiki/Inames (inames mostly paid)
http://yadis.org/
But it is not too common.

Technical details:
  Possible openid implementations: http://code.google.com/p/openid4java/
   or http://code.google.com/p/joid/
  Consumer:
   Then user logins with openid first time, xwiki create special user
   like XWiki.openid_<user's openid> for a user settings storage.
  Provider:
   java servlet.

WDYT?

Is this project suitable for GSoC 2007?
Estimated workload: 1-2 man/month

References:
[1] http://openid.net/
[2] http://www.livejournal.com/openid/
[3] http://openid.net/about.bml
[4] http://openid.net/wiki/index.php/Public_OpenID_providers

--
   Artem Melentyev, UralSU, CS401


--
http://purl.org/net/sergiu

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: [hidden email]
For general help: [hidden email]
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

jeremi joslin-2
In reply to this post by Artem Melentyev-2
Hi Artem,
I think it's a great idea. But I don't think it's very long to
implement. I would prefer you to work on a more generic problematic of
single sign on in xwiki.

You can implement OpenId and another single sign on a more enterprise
oriented than OpenId.

WDYT?

Jeremi

On 3/20/07, Artem Melentyev <[hidden email]> wrote:

> Hi.
>
> I would like to propose the project:
>
> OpenID[1] support in XWiki.
>
> OpenID is an open, decentralized, free framework for user-centric
> digital identity. [1]
>
> 1) XWiki as openid consumer.
>   Possibility to login into xwiki with openid.
> Value: major
>
> 2) XWiki as openid provider.
>   Some users of xwiki will have openid account like username.xwiki.host
> or xwiki.host/openid/username
>   For example users in xwiki.com will have openid = username.xwiki.com
> Value: minor
>
> User story:
> I have account and virtual wiki at username.xwiki.com.
> I wish to login with openid into xwiki.org.
> Standard authentication process with openid[3]:
>   I enter to openid login form at xwiki.org my openid=username.xwiki.com,
>    click sumbit.
>   xwiki.org redirects me to openid authentication page in
>    username.xwiki.com.
>   I enter my password, click submit.
>   username.xwiki.com redirects me back to xwiki.org.
>   Done. I logined into xwiki.org with openid.
> If I already logined to username.xwiki.com, xwiki.org will not redirects
> me to username.xwiki.com, and I don't enter password.
> I may use my openid=username.xwiki.com as normal openid. For example I
> may write comments to livejournal.com with openid[2].
>
> Advantages:
>   The User needs only one login for all xwikis and openid services.
>   User's openid will be point at homepage on xwiki (possibly).
>   Increase popularity of xwiki project:
>    There are not much openid providers for now. [4]
>    XWiki users will promote xwiki their openids (*.xwiki.com)
>
> There are also bounty($5000) for openid-enabled opensource projects:
> http://iwantmyopenid.org/bounty
>
> There are other authorization protocols, similar to the technology openid:
> http://lid.netmesh.org/
> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
> http://yadis.org/
> But it is not too common.
>
> Technical details:
>   Possible openid implementations: http://code.google.com/p/openid4java/
>    or http://code.google.com/p/joid/
>   Consumer:
>    Then user logins with openid first time, xwiki create special user
>    like XWiki.openid_<user's openid> for a user settings storage.
>   Provider:
>    java servlet.
>
> WDYT?
>
> Is this project suitable for GSoC 2007?
> Estimated workload: 1-2 man/month
>
> References:
> [1] http://openid.net/
> [2] http://www.livejournal.com/openid/
> [3] http://openid.net/about.bml
> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>
> --
>    Artem Melentyev, UralSU, CS401
>
>
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>
>

--
Jeremi Joslin (http://www.jeremi.info)
skype: jeremi23 - jabber: [hidden email]
http://www.xwiki.com - http://www.pengyou-project.info



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

Bradley Beddoes
Hi,
I have a major piece of the SSO puzzle under development currently, due
for release in the next few weeks which targets enterprises, it will be
available under the apache 2.0 licence.

It will allow applications such as xwiki to implement the SAML 2.0 spec
cleanly using an easy to adapt java library/filter combination between
the application (xwiki) and a central point called the "enterprise sign
on engine".

The ESOE is an extremely intelligent piece of software supporting many
types of internally facing enterprise SSO solutions including automatic
sign on for windows machines connected to AD, login to windows,
automatically logon to the web tier.

Additionally it supports many external facing SSO solutions including
OpenID, Shibboleth 1.3x and Yahoo BB auth to name just the starting line
up, its extensible architecture means it can support anything new into
the future.

Essentially you make xwiki understand our single service provider and
using the ESOE automatically get any kind of SSO/Authentication system
available on the planet supported.

If your interested and I hope you are I can post again when its out with
the project URL.

jeremi joslin wrote:

> Hi Artem,
> I think it's a great idea. But I don't think it's very long to
> implement. I would prefer you to work on a more generic problematic of
> single sign on in xwiki.
>
> You can implement OpenId and another single sign on a more enterprise
> oriented than OpenId.
>
> WDYT?
>
> Jeremi
>
> On 3/20/07, Artem Melentyev <[hidden email]> wrote:
>> Hi.
>>
>> I would like to propose the project:
>>
>> OpenID[1] support in XWiki.
>>
>> OpenID is an open, decentralized, free framework for user-centric
>> digital identity. [1]
>>
>> 1) XWiki as openid consumer.
>>   Possibility to login into xwiki with openid.
>> Value: major
>>
>> 2) XWiki as openid provider.
>>   Some users of xwiki will have openid account like username.xwiki.host
>> or xwiki.host/openid/username
>>   For example users in xwiki.com will have openid = username.xwiki.com
>> Value: minor
>>
>> User story:
>> I have account and virtual wiki at username.xwiki.com.
>> I wish to login with openid into xwiki.org.
>> Standard authentication process with openid[3]:
>>   I enter to openid login form at xwiki.org my openid=username.xwiki.com,
>>    click sumbit.
>>   xwiki.org redirects me to openid authentication page in
>>    username.xwiki.com.
>>   I enter my password, click submit.
>>   username.xwiki.com redirects me back to xwiki.org.
>>   Done. I logined into xwiki.org with openid.
>> If I already logined to username.xwiki.com, xwiki.org will not redirects
>> me to username.xwiki.com, and I don't enter password.
>> I may use my openid=username.xwiki.com as normal openid. For example I
>> may write comments to livejournal.com with openid[2].
>>
>> Advantages:
>>   The User needs only one login for all xwikis and openid services.
>>   User's openid will be point at homepage on xwiki (possibly).
>>   Increase popularity of xwiki project:
>>    There are not much openid providers for now. [4]
>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>
>> There are also bounty($5000) for openid-enabled opensource projects:
>> http://iwantmyopenid.org/bounty
>>
>> There are other authorization protocols, similar to the technology
>> openid:
>> http://lid.netmesh.org/
>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>> http://yadis.org/
>> But it is not too common.
>>
>> Technical details:
>>   Possible openid implementations: http://code.google.com/p/openid4java/
>>    or http://code.google.com/p/joid/
>>   Consumer:
>>    Then user logins with openid first time, xwiki create special user
>>    like XWiki.openid_<user's openid> for a user settings storage.
>>   Provider:
>>    java servlet.
>>
>> WDYT?
>>
>> Is this project suitable for GSoC 2007?
>> Estimated workload: 1-2 man/month
>>
>> References:
>> [1] http://openid.net/
>> [2] http://www.livejournal.com/openid/
>> [3] http://openid.net/about.bml
>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>
>> --
>>    Artem Melentyev, UralSU, CS401
>>
>>
>>
>>
>> --
>> You receive this message as a subscriber of the
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>
>
>
> ------------------------------------------------------------------------
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws

--
Bradley Beddoes
Lead Software Architect

http://intient.com
Intient - "Open Source, Open Standards"



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

vmassol
Administrator
Hi Bradley,

On Mar 20, 2007, at 12:16 PM, Bradley Beddoes wrote:

> Hi,
> I have a major piece of the SSO puzzle under development currently,  
> due for release in the next few weeks which targets enterprises, it  
> will be available under the apache 2.0 licence.
>
> It will allow applications such as xwiki to implement the SAML 2.0  
> spec cleanly using an easy to adapt java library/filter combination  
> between the application (xwiki) and a central point called the  
> "enterprise sign on engine".
>
> The ESOE is an extremely intelligent piece of software supporting  
> many types of internally facing enterprise SSO solutions including  
> automatic sign on for windows machines connected to AD, login to  
> windows, automatically logon to the web tier.
>
> Additionally it supports many external facing SSO solutions  
> including OpenID, Shibboleth 1.3x and Yahoo BB auth to name just  
> the starting line up, its extensible architecture means it can  
> support anything new into the future.
>
> Essentially you make xwiki understand our single service provider  
> and using the ESOE automatically get any kind of SSO/Authentication  
> system available on the planet supported.
>
> If your interested and I hope you are I can post again when its out  
> with the project URL.
That sounds very cool. Could you post some links?

Thanks
-Vincent

> jeremi joslin wrote:
>> Hi Artem,
>> I think it's a great idea. But I don't think it's very long to
>> implement. I would prefer you to work on a more generic  
>> problematic of
>> single sign on in xwiki.
>> You can implement OpenId and another single sign on a more enterprise
>> oriented than OpenId.
>> WDYT?
>> Jeremi
>> On 3/20/07, Artem Melentyev <[hidden email]> wrote:
>>> Hi.
>>>
>>> I would like to propose the project:
>>>
>>> OpenID[1] support in XWiki.
>>>
>>> OpenID is an open, decentralized, free framework for user-centric
>>> digital identity. [1]
>>>
>>> 1) XWiki as openid consumer.
>>>   Possibility to login into xwiki with openid.
>>> Value: major
>>>
>>> 2) XWiki as openid provider.
>>>   Some users of xwiki will have openid account like  
>>> username.xwiki.host
>>> or xwiki.host/openid/username
>>>   For example users in xwiki.com will have openid =  
>>> username.xwiki.com
>>> Value: minor
>>>
>>> User story:
>>> I have account and virtual wiki at username.xwiki.com.
>>> I wish to login with openid into xwiki.org.
>>> Standard authentication process with openid[3]:
>>>   I enter to openid login form at xwiki.org my  
>>> openid=username.xwiki.com,
>>>    click sumbit.
>>>   xwiki.org redirects me to openid authentication page in
>>>    username.xwiki.com.
>>>   I enter my password, click submit.
>>>   username.xwiki.com redirects me back to xwiki.org.
>>>   Done. I logined into xwiki.org with openid.
>>> If I already logined to username.xwiki.com, xwiki.org will not  
>>> redirects
>>> me to username.xwiki.com, and I don't enter password.
>>> I may use my openid=username.xwiki.com as normal openid. For  
>>> example I
>>> may write comments to livejournal.com with openid[2].
>>>
>>> Advantages:
>>>   The User needs only one login for all xwikis and openid services.
>>>   User's openid will be point at homepage on xwiki (possibly).
>>>   Increase popularity of xwiki project:
>>>    There are not much openid providers for now. [4]
>>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>>
>>> There are also bounty($5000) for openid-enabled opensource projects:
>>> http://iwantmyopenid.org/bounty
>>>
>>> There are other authorization protocols, similar to the  
>>> technology openid:
>>> http://lid.netmesh.org/
>>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>>> http://yadis.org/
>>> But it is not too common.
>>>
>>> Technical details:
>>>   Possible openid implementations: http://code.google.com/p/ 
>>> openid4java/
>>>    or http://code.google.com/p/joid/
>>>   Consumer:
>>>    Then user logins with openid first time, xwiki create special  
>>> user
>>>    like XWiki.openid_<user's openid> for a user settings storage.
>>>   Provider:
>>>    java servlet.
>>>
>>> WDYT?
>>>
>>> Is this project suitable for GSoC 2007?
>>> Estimated workload: 1-2 man/month
>>>
>>> References:
>>> [1] http://openid.net/
>>> [2] http://www.livejournal.com/openid/
>>> [3] http://openid.net/about.bml
>>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>>
>>> --
>>>    Artem Melentyev, UralSU, CS401
>>>
>>>
>>>
>>>
>>> --
>>> You receive this message as a subscriber of the xwiki-
>>> [hidden email] mailing list.
>>> To unsubscribe: mailto:[hidden email]
>>> For general help: mailto:[hidden email]?subject=help
>>> ObjectWeb mailing lists service home page: http://
>>> www.objectweb.org/wws
>>>
>>>
>> ---------------------------------------------------------------------
>> ---
>> --
>> You receive this message as a subscriber of the xwiki-
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://
>> www.objectweb.org/wws
>
>
> --
> Bradley Beddoes
> Lead Software Architect
>
> http://intient.com
> Intient - "Open Source, Open Standards"
>
>
> --
> You receive this message as a subscriber of the xwiki-
> [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/ 
> wws



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

Bradley Beddoes
Hi,
I will provide the list with links when things are available online,
expected timeframe is about 3 weeks.

regards,
Bradley

--
Bradley Beddoes
Lead Software Architect

http://intient.com
Intient - "Open Source, Open Standards"

Vincent Massol wrote:

> Hi Bradley,
>
> On Mar 20, 2007, at 12:16 PM, Bradley Beddoes wrote:
>
>> Hi,
>> I have a major piece of the SSO puzzle under development currently,
>> due for release in the next few weeks which targets enterprises, it
>> will be available under the apache 2.0 licence.
>>
>> It will allow applications such as xwiki to implement the SAML 2.0
>> spec cleanly using an easy to adapt java library/filter combination
>> between the application (xwiki) and a central point called the
>> "enterprise sign on engine".
>>
>> The ESOE is an extremely intelligent piece of software supporting many
>> types of internally facing enterprise SSO solutions including
>> automatic sign on for windows machines connected to AD, login to
>> windows, automatically logon to the web tier.
>>
>> Additionally it supports many external facing SSO solutions including
>> OpenID, Shibboleth 1.3x and Yahoo BB auth to name just the starting
>> line up, its extensible architecture means it can support anything new
>> into the future.
>>
>> Essentially you make xwiki understand our single service provider and
>> using the ESOE automatically get any kind of SSO/Authentication system
>> available on the planet supported.
>>
>> If your interested and I hope you are I can post again when its out
>> with the project URL.
>
> That sounds very cool. Could you post some links?
>
> Thanks
> -Vincent
>
>> jeremi joslin wrote:
>>> Hi Artem,
>>> I think it's a great idea. But I don't think it's very long to
>>> implement. I would prefer you to work on a more generic problematic of
>>> single sign on in xwiki.
>>> You can implement OpenId and another single sign on a more enterprise
>>> oriented than OpenId.
>>> WDYT?
>>> Jeremi
>>> On 3/20/07, Artem Melentyev <[hidden email]> wrote:
>>>> Hi.
>>>>
>>>> I would like to propose the project:
>>>>
>>>> OpenID[1] support in XWiki.
>>>>
>>>> OpenID is an open, decentralized, free framework for user-centric
>>>> digital identity. [1]
>>>>
>>>> 1) XWiki as openid consumer.
>>>>   Possibility to login into xwiki with openid.
>>>> Value: major
>>>>
>>>> 2) XWiki as openid provider.
>>>>   Some users of xwiki will have openid account like username.xwiki.host
>>>> or xwiki.host/openid/username
>>>>   For example users in xwiki.com will have openid = username.xwiki.com
>>>> Value: minor
>>>>
>>>> User story:
>>>> I have account and virtual wiki at username.xwiki.com.
>>>> I wish to login with openid into xwiki.org.
>>>> Standard authentication process with openid[3]:
>>>>   I enter to openid login form at xwiki.org my
>>>> openid=username.xwiki.com,
>>>>    click sumbit.
>>>>   xwiki.org redirects me to openid authentication page in
>>>>    username.xwiki.com.
>>>>   I enter my password, click submit.
>>>>   username.xwiki.com redirects me back to xwiki.org.
>>>>   Done. I logined into xwiki.org with openid.
>>>> If I already logined to username.xwiki.com, xwiki.org will not
>>>> redirects
>>>> me to username.xwiki.com, and I don't enter password.
>>>> I may use my openid=username.xwiki.com as normal openid. For example I
>>>> may write comments to livejournal.com with openid[2].
>>>>
>>>> Advantages:
>>>>   The User needs only one login for all xwikis and openid services.
>>>>   User's openid will be point at homepage on xwiki (possibly).
>>>>   Increase popularity of xwiki project:
>>>>    There are not much openid providers for now. [4]
>>>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>>>
>>>> There are also bounty($5000) for openid-enabled opensource projects:
>>>> http://iwantmyopenid.org/bounty
>>>>
>>>> There are other authorization protocols, similar to the technology
>>>> openid:
>>>> http://lid.netmesh.org/
>>>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>>>> http://yadis.org/
>>>> But it is not too common.
>>>>
>>>> Technical details:
>>>>   Possible openid implementations:
>>>> http://code.google.com/p/openid4java/
>>>>    or http://code.google.com/p/joid/
>>>>   Consumer:
>>>>    Then user logins with openid first time, xwiki create special user
>>>>    like XWiki.openid_<user's openid> for a user settings storage.
>>>>   Provider:
>>>>    java servlet.
>>>>
>>>> WDYT?
>>>>
>>>> Is this project suitable for GSoC 2007?
>>>> Estimated workload: 1-2 man/month
>>>>
>>>> References:
>>>> [1] http://openid.net/
>>>> [2] http://www.livejournal.com/openid/
>>>> [3] http://openid.net/about.bml
>>>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>>>
>>>> --   Artem Melentyev, UralSU, CS401
>>>>
>>>>
>>>>
>>>>
>>>> --You receive this message as a subscriber of the
>>>> [hidden email] mailing list.
>>>> To unsubscribe: mailto:[hidden email]
>>>> For general help: mailto:[hidden email]?subject=help
>>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>>>
>>>>
>>> ------------------------------------------------------------------------
>>> --
>>> You receive this message as a subscriber of the
>>> [hidden email] mailing list.
>>> To unsubscribe: mailto:[hidden email]
>>> For general help: mailto:[hidden email]?subject=help
>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>> --Bradley Beddoes
>> Lead Software Architect
>>
>> http://intient.com
>> Intient - "Open Source, Open Standards"
>>
>>
>> --
>> You receive this message as a subscriber of the
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>
>
>
> ------------------------------------------------------------------------
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws


--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

vmassol
Administrator

On Mar 20, 2007, at 12:40 PM, Bradley Beddoes wrote:

> Hi,
> I will provide the list with links when things are available  
> online, expected timeframe is about 3 weeks.

oh so it's not open source yet?

Is it going to be part of an existing open source community such as  
Apache, Codehaus, ObjectWeb, etc?

Thanks
-Vincent

> Vincent Massol wrote:
>> Hi Bradley,
>> On Mar 20, 2007, at 12:16 PM, Bradley Beddoes wrote:
>>> Hi,
>>> I have a major piece of the SSO puzzle under development  
>>> currently, due for release in the next few weeks which targets  
>>> enterprises, it will be available under the apache 2.0 licence.
>>>
>>> It will allow applications such as xwiki to implement the SAML  
>>> 2.0 spec cleanly using an easy to adapt java library/filter  
>>> combination between the application (xwiki) and a central point  
>>> called the "enterprise sign on engine".
>>>
>>> The ESOE is an extremely intelligent piece of software supporting  
>>> many types of internally facing enterprise SSO solutions  
>>> including automatic sign on for windows machines connected to AD,  
>>> login to windows, automatically logon to the web tier.
>>>
>>> Additionally it supports many external facing SSO solutions  
>>> including OpenID, Shibboleth 1.3x and Yahoo BB auth to name just  
>>> the starting line up, its extensible architecture means it can  
>>> support anything new into the future.
>>>
>>> Essentially you make xwiki understand our single service provider  
>>> and using the ESOE automatically get any kind of SSO/
>>> Authentication system available on the planet supported.
>>>
>>> If your interested and I hope you are I can post again when its  
>>> out with the project URL.
>> That sounds very cool. Could you post some links?
>> Thanks
>> -Vincent
>>> jeremi joslin wrote:
>>>> Hi Artem,
>>>> I think it's a great idea. But I don't think it's very long to
>>>> implement. I would prefer you to work on a more generic  
>>>> problematic of
>>>> single sign on in xwiki.
>>>> You can implement OpenId and another single sign on a more  
>>>> enterprise
>>>> oriented than OpenId.
>>>> WDYT?
>>>> Jeremi
>>>> On 3/20/07, Artem Melentyev <[hidden email]> wrote:
>>>>> Hi.
>>>>>
>>>>> I would like to propose the project:
>>>>>
>>>>> OpenID[1] support in XWiki.
>>>>>
>>>>> OpenID is an open, decentralized, free framework for user-centric
>>>>> digital identity. [1]
>>>>>
>>>>> 1) XWiki as openid consumer.
>>>>>   Possibility to login into xwiki with openid.
>>>>> Value: major
>>>>>
>>>>> 2) XWiki as openid provider.
>>>>>   Some users of xwiki will have openid account like  
>>>>> username.xwiki.host
>>>>> or xwiki.host/openid/username
>>>>>   For example users in xwiki.com will have openid =  
>>>>> username.xwiki.com
>>>>> Value: minor
>>>>>
>>>>> User story:
>>>>> I have account and virtual wiki at username.xwiki.com.
>>>>> I wish to login with openid into xwiki.org.
>>>>> Standard authentication process with openid[3]:
>>>>>   I enter to openid login form at xwiki.org my  
>>>>> openid=username.xwiki.com,
>>>>>    click sumbit.
>>>>>   xwiki.org redirects me to openid authentication page in
>>>>>    username.xwiki.com.
>>>>>   I enter my password, click submit.
>>>>>   username.xwiki.com redirects me back to xwiki.org.
>>>>>   Done. I logined into xwiki.org with openid.
>>>>> If I already logined to username.xwiki.com, xwiki.org will not  
>>>>> redirects
>>>>> me to username.xwiki.com, and I don't enter password.
>>>>> I may use my openid=username.xwiki.com as normal openid. For  
>>>>> example I
>>>>> may write comments to livejournal.com with openid[2].
>>>>>
>>>>> Advantages:
>>>>>   The User needs only one login for all xwikis and openid  
>>>>> services.
>>>>>   User's openid will be point at homepage on xwiki (possibly).
>>>>>   Increase popularity of xwiki project:
>>>>>    There are not much openid providers for now. [4]
>>>>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>>>>
>>>>> There are also bounty($5000) for openid-enabled opensource  
>>>>> projects:
>>>>> http://iwantmyopenid.org/bounty
>>>>>
>>>>> There are other authorization protocols, similar to the  
>>>>> technology openid:
>>>>> http://lid.netmesh.org/
>>>>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>>>>> http://yadis.org/
>>>>> But it is not too common.
>>>>>
>>>>> Technical details:
>>>>>   Possible openid implementations: http://code.google.com/p/ 
>>>>> openid4java/
>>>>>    or http://code.google.com/p/joid/
>>>>>   Consumer:
>>>>>    Then user logins with openid first time, xwiki create  
>>>>> special user
>>>>>    like XWiki.openid_<user's openid> for a user settings storage.
>>>>>   Provider:
>>>>>    java servlet.
>>>>>
>>>>> WDYT?
>>>>>
>>>>> Is this project suitable for GSoC 2007?
>>>>> Estimated workload: 1-2 man/month
>>>>>
>>>>> References:
>>>>> [1] http://openid.net/
>>>>> [2] http://www.livejournal.com/openid/
>>>>> [3] http://openid.net/about.bml
>>>>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>>>>
>>>>> --   Artem Melentyev, UralSU, CS401
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --You receive this message as a subscriber of the xwiki-
>>>>> [hidden email] mailing list.
>>>>> To unsubscribe: mailto:[hidden email]
>>>>> For general help: mailto:[hidden email]?subject=help
>>>>> ObjectWeb mailing lists service home page: http://
>>>>> www.objectweb.org/wws
>>>>>
>>>>>
>>>> -------------------------------------------------------------------
>>>> -----
>>>> --
>>>> You receive this message as a subscriber of the xwiki-
>>>> [hidden email] mailing list.
>>>> To unsubscribe: mailto:[hidden email]
>>>> For general help: mailto:[hidden email]?subject=help
>>>> ObjectWeb mailing lists service home page: http://
>>>> www.objectweb.org/wws
>>>
>>>
>>> --Bradley Beddoes
>>> Lead Software Architect
>>>
>>> http://intient.com
>>> Intient - "Open Source, Open Standards"
>>>
>>>
>>> --
>>> You receive this message as a subscriber of the xwiki-
>>> [hidden email] mailing list.
>>> To unsubscribe: mailto:[hidden email]
>>> For general help: mailto:[hidden email]?subject=help
>>> ObjectWeb mailing lists service home page: http://
>>> www.objectweb.org/wws
>> ---------------------------------------------------------------------
>> ---
>> --
>> You receive this message as a subscriber of the xwiki-
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://
>> www.objectweb.org/wws
>
>
> --
> You receive this message as a subscriber of the xwiki-
> [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/ 
> wws



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

Bradley Beddoes
Vincent Massol wrote:
>
> On Mar 20, 2007, at 12:40 PM, Bradley Beddoes wrote:
>
>> Hi,
>> I will provide the list with links when things are available online,
>> expected timeframe is about 3 weeks.
>
> oh so it's not open source yet?

It hasn't been released at all yet still in final development/test and
performance testing stages, when complete it will be licensed under the
apache 2 license from day 1. (By "complete" it already is feature wise,
we are just fine tuning performance at this stage really).

>
> Is it going to be part of an existing open source community such as
> Apache, Codehaus, ObjectWeb, etc?

No, it will have its own community site, tools etc available.

>
> Thanks
> -Vincent
>
>> Vincent Massol wrote:
>>> Hi Bradley,
>>> On Mar 20, 2007, at 12:16 PM, Bradley Beddoes wrote:
>>>> Hi,
>>>> I have a major piece of the SSO puzzle under development currently,
>>>> due for release in the next few weeks which targets enterprises, it
>>>> will be available under the apache 2.0 licence.
>>>>
>>>> It will allow applications such as xwiki to implement the SAML 2.0
>>>> spec cleanly using an easy to adapt java library/filter combination
>>>> between the application (xwiki) and a central point called the
>>>> "enterprise sign on engine".
>>>>
>>>> The ESOE is an extremely intelligent piece of software supporting
>>>> many types of internally facing enterprise SSO solutions including
>>>> automatic sign on for windows machines connected to AD, login to
>>>> windows, automatically logon to the web tier.
>>>>
>>>> Additionally it supports many external facing SSO solutions
>>>> including OpenID, Shibboleth 1.3x and Yahoo BB auth to name just the
>>>> starting line up, its extensible architecture means it can support
>>>> anything new into the future.
>>>>
>>>> Essentially you make xwiki understand our single service provider
>>>> and using the ESOE automatically get any kind of SSO/Authentication
>>>> system available on the planet supported.
>>>>
>>>> If your interested and I hope you are I can post again when its out
>>>> with the project URL.
>>> That sounds very cool. Could you post some links?
>>> Thanks
>>> -Vincent
>>>> jeremi joslin wrote:
>>>>> Hi Artem,
>>>>> I think it's a great idea. But I don't think it's very long to
>>>>> implement. I would prefer you to work on a more generic problematic of
>>>>> single sign on in xwiki.
>>>>> You can implement OpenId and another single sign on a more enterprise
>>>>> oriented than OpenId.
>>>>> WDYT?
>>>>> Jeremi
>>>>> On 3/20/07, Artem Melentyev <[hidden email]> wrote:
>>>>>> Hi.
>>>>>>
>>>>>> I would like to propose the project:
>>>>>>
>>>>>> OpenID[1] support in XWiki.
>>>>>>
>>>>>> OpenID is an open, decentralized, free framework for user-centric
>>>>>> digital identity. [1]
>>>>>>
>>>>>> 1) XWiki as openid consumer.
>>>>>>   Possibility to login into xwiki with openid.
>>>>>> Value: major
>>>>>>
>>>>>> 2) XWiki as openid provider.
>>>>>>   Some users of xwiki will have openid account like
>>>>>> username.xwiki.host
>>>>>> or xwiki.host/openid/username
>>>>>>   For example users in xwiki.com will have openid =
>>>>>> username.xwiki.com
>>>>>> Value: minor
>>>>>>
>>>>>> User story:
>>>>>> I have account and virtual wiki at username.xwiki.com.
>>>>>> I wish to login with openid into xwiki.org.
>>>>>> Standard authentication process with openid[3]:
>>>>>>   I enter to openid login form at xwiki.org my
>>>>>> openid=username.xwiki.com,
>>>>>>    click sumbit.
>>>>>>   xwiki.org redirects me to openid authentication page in
>>>>>>    username.xwiki.com.
>>>>>>   I enter my password, click submit.
>>>>>>   username.xwiki.com redirects me back to xwiki.org.
>>>>>>   Done. I logined into xwiki.org with openid.
>>>>>> If I already logined to username.xwiki.com, xwiki.org will not
>>>>>> redirects
>>>>>> me to username.xwiki.com, and I don't enter password.
>>>>>> I may use my openid=username.xwiki.com as normal openid. For
>>>>>> example I
>>>>>> may write comments to livejournal.com with openid[2].
>>>>>>
>>>>>> Advantages:
>>>>>>   The User needs only one login for all xwikis and openid services.
>>>>>>   User's openid will be point at homepage on xwiki (possibly).
>>>>>>   Increase popularity of xwiki project:
>>>>>>    There are not much openid providers for now. [4]
>>>>>>    XWiki users will promote xwiki their openids (*.xwiki.com)
>>>>>>
>>>>>> There are also bounty($5000) for openid-enabled opensource projects:
>>>>>> http://iwantmyopenid.org/bounty
>>>>>>
>>>>>> There are other authorization protocols, similar to the technology
>>>>>> openid:
>>>>>> http://lid.netmesh.org/
>>>>>> http://en.wikipedia.org/wiki/Inames (inames mostly paid)
>>>>>> http://yadis.org/
>>>>>> But it is not too common.
>>>>>>
>>>>>> Technical details:
>>>>>>   Possible openid implementations:
>>>>>> http://code.google.com/p/openid4java/
>>>>>>    or http://code.google.com/p/joid/
>>>>>>   Consumer:
>>>>>>    Then user logins with openid first time, xwiki create special user
>>>>>>    like XWiki.openid_<user's openid> for a user settings storage.
>>>>>>   Provider:
>>>>>>    java servlet.
>>>>>>
>>>>>> WDYT?
>>>>>>
>>>>>> Is this project suitable for GSoC 2007?
>>>>>> Estimated workload: 1-2 man/month
>>>>>>
>>>>>> References:
>>>>>> [1] http://openid.net/
>>>>>> [2] http://www.livejournal.com/openid/
>>>>>> [3] http://openid.net/about.bml
>>>>>> [4] http://openid.net/wiki/index.php/Public_OpenID_providers
>>>>>>
>>>>>> --   Artem Melentyev, UralSU, CS401
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --You receive this message as a subscriber of the
>>>>>> [hidden email] mailing list.
>>>>>> To unsubscribe: mailto:[hidden email]
>>>>>> For general help: mailto:[hidden email]?subject=help
>>>>>> ObjectWeb mailing lists service home page:
>>>>>> http://www.objectweb.org/wws
>>>>>>
>>>>>>
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>> --You receive this message as a subscriber of the
>>>>> [hidden email] mailing list.
>>>>> To unsubscribe: mailto:[hidden email]
>>>>> For general help: mailto:[hidden email]?subject=help
>>>>> ObjectWeb mailing lists service home page:
>>>>> http://www.objectweb.org/wws
>>>>
>>>>
>>>> --Bradley Beddoes
>>>> Lead Software Architect
>>>>
>>>> http://intient.com
>>>> Intient - "Open Source, Open Standards"
>>>>
>>>>
>>>> --You receive this message as a subscriber of the
>>>> [hidden email] mailing list.
>>>> To unsubscribe: mailto:[hidden email]
>>>> For general help: mailto:[hidden email]?subject=help
>>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>> ------------------------------------------------------------------------
>>> --
>>> You receive this message as a subscriber of the
>>> [hidden email] mailing list.
>>> To unsubscribe: mailto:[hidden email]
>>> For general help: mailto:[hidden email]?subject=help
>>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>> --
>> You receive this message as a subscriber of the
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>
>
>
> ------------------------------------------------------------------------
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws

--
Bradley Beddoes
Lead Software Architect

http://intient.com
Intient - "Open Source, Open Standards"



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: [Proposal] OpenID support in XWiki

Artem Melentyev-2
In reply to this post by jeremi joslin-2
Hi, Jeremi.
jeremi joslin wrote:
> I think it's a great idea. But I don't think it's very long to
> implement. I would prefer you to work on a more generic problematic of
> single sign on in xwiki.
>
> You can implement OpenId and another single sign on a more enterprise
> oriented than OpenId.
>
> WDYT?

Agree. We need more detailed research of many others SSO systems.
I write this project to xwiki.org:
http://www.xwiki.org/xwiki/bin/view/GoogleSummerOfCode/SSOSupport

As a xwiki user, I want openid support in xwiki very much. I want to
login at all SSO-enabled sites with my login = amelentev.xwiki.com :)
But as a developer, I would prefer to work on xwiki store system in
GSoC07. I think GSoC Storage+Improvements project is more prefer for me
and xwiki because I have good experience in xwiki store system.
I would be glad if xwiki found others GSoC students for SSO project.

--
   Artem Melentyev, UralSU, CS401



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

OpenID, Shibboleth and other identity technologies for xwiki

Bradley Beddoes
In reply to this post by Artem Melentyev-2
Hi,
In later March there was a thread about openID support for xwiki, at the
time I mentioned new project we were about to launch which could solve
the openID issue as well as shibboleth, active directory and LDAP
integration.

That software is now available at http://esoeproject.org

Have a look at what it can offer I would be happy to work with the xwiki
community further to integrate appropriately.

regards,
Bradley




--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: OpenID, Shibboleth and other identity technologies for xwiki

Sergiu Dumitriu
Hi,

This looks good, congratulations!

It would be nice if it could be integrated in XWiki (with your kindly
offered help), as it provides support for many authentication
protocols. However, this must not be done in a haste. We should
establish some goals, an implementation plan (including eventual
changes needed in the XWiki engine), and a target version. I think
that 1.0 is out of the question, so we need to decide if it is a
feature that must go into 1.1 or it can wait until the XWiki 2.0
architecture is finalized.

(@Vincent) Should we establish a developer meeting on IRC to discuss
this? Or are mailing lists OK?

On another topic, how stable is the ESEO API? Can we count on a
future-compatible integration?

Thanks,
Sergiu

On 5/8/07, Bradley Beddoes <[hidden email]> wrote:

> Hi,
> In later March there was a thread about openID support for xwiki, at the
> time I mentioned new project we were about to launch which could solve
> the openID issue as well as shibboleth, active directory and LDAP
> integration.
>
> That software is now available at http://esoeproject.org
>
> Have a look at what it can offer I would be happy to work with the xwiki
> community further to integrate appropriately.
>
> regards,
> Bradley
>
>
>
--
http://purl.org/net/sergiu



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: OpenID, Shibboleth and other identity technologies for xwiki

Bradley Beddoes
Hi,
Responses inline below.

Sergiu Dumitriu wrote:

> Hi,
>
> This looks good, congratulations!
>
> It would be nice if it could be integrated in XWiki (with your kindly
> offered help), as it provides support for many authentication
> protocols. However, this must not be done in a haste. We should
> establish some goals, an implementation plan (including eventual
> changes needed in the XWiki engine), and a target version. I think
> that 1.0 is out of the question, so we need to decide if it is a
> feature that must go into 1.1 or it can wait until the XWiki 2.0
> architecture is finalized.
>
> (@Vincent) Should we establish a developer meeting on IRC to discuss
> this? Or are mailing lists OK?
>
> On another topic, how stable is the ESEO API? Can we count on a
> future-compatible integration?
The really cool part is that the integration on the application side for
pure identity transfer is minimal, especially in java with the use of
filters.

If you'd like to take it further and integrate authorization to the
ESOE's policy decision point (and I think it would be a god idea) that
would take a little longer.

The API itself should be pretty static from this point forward, while
we've got it tagged at 0.1 in reality its a lot further ahead then that,
infact we're rolling into production at some sites shortly.

regards,
Bradley


>
> Thanks,
> Sergiu
>
> On 5/8/07, Bradley Beddoes <[hidden email]> wrote:
>> Hi,
>> In later March there was a thread about openID support for xwiki, at the
>> time I mentioned new project we were about to launch which could solve
>> the openID issue as well as shibboleth, active directory and LDAP
>> integration.
>>
>> That software is now available at http://esoeproject.org
>>
>> Have a look at what it can offer I would be happy to work with the xwiki
>> community further to integrate appropriately.
>>
>> regards,
>> Bradley
>>
>>
>>
>



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: OpenID, Shibboleth and other identity technologies for xwiki

Vincent Brousseau
OpenSSO could also be an interesting alternative
(https://opensso.dev.java.net/).

It started off the codebase of Sun Java System Access Manager so it's
heavy, but definitely enterprise grade.

There are many other solutions of that kind, perhaps they should be
reviewed first before going on with an integration in XWiki.

Vincent


On 5/7/07, Bradley Beddoes <[hidden email]> wrote:

> Hi,
> Responses inline below.
>
> Sergiu Dumitriu wrote:
> > Hi,
> >
> > This looks good, congratulations!
> >
> > It would be nice if it could be integrated in XWiki (with your kindly
> > offered help), as it provides support for many authentication
> > protocols. However, this must not be done in a haste. We should
> > establish some goals, an implementation plan (including eventual
> > changes needed in the XWiki engine), and a target version. I think
> > that 1.0 is out of the question, so we need to decide if it is a
> > feature that must go into 1.1 or it can wait until the XWiki 2.0
> > architecture is finalized.
> >
> > (@Vincent) Should we establish a developer meeting on IRC to discuss
> > this? Or are mailing lists OK?
> >
> > On another topic, how stable is the ESEO API? Can we count on a
> > future-compatible integration?
>
> The really cool part is that the integration on the application side for
> pure identity transfer is minimal, especially in java with the use of
> filters.
>
> If you'd like to take it further and integrate authorization to the
> ESOE's policy decision point (and I think it would be a god idea) that
> would take a little longer.
>
> The API itself should be pretty static from this point forward, while
> we've got it tagged at 0.1 in reality its a lot further ahead then that,
> infact we're rolling into production at some sites shortly.
>
> regards,
> Bradley
>
>
> >
> > Thanks,
> > Sergiu
> >
> > On 5/8/07, Bradley Beddoes <[hidden email]> wrote:
> >> Hi,
> >> In later March there was a thread about openID support for xwiki, at the
> >> time I mentioned new project we were about to launch which could solve
> >> the openID issue as well as shibboleth, active directory and LDAP
> >> integration.
> >>
> >> That software is now available at http://esoeproject.org
> >>
> >> Have a look at what it can offer I would be happy to work with the xwiki
> >> community further to integrate appropriately.
> >>
> >> regards,
> >> Bradley
> >>
> >>
> >>
> >
>
>
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>
>


--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: OpenID, Shibboleth and other identity technologies for xwiki

Bradley Beddoes
Hi Vincent,
Your absolutely correct there are many alternatives each with their own
various positives and negatives.

A review of the solutions available is always a good idea.

However I am pretty confident nothing else matches the ESOE for its
feature set at this stage, but of course I would be happy to be proven
wrong :).

regards,
Bradley

Vincent Brousseau wrote:

> OpenSSO could also be an interesting alternative
> (https://opensso.dev.java.net/).
>
> It started off the codebase of Sun Java System Access Manager so it's
> heavy, but definitely enterprise grade.
>
> There are many other solutions of that kind, perhaps they should be
> reviewed first before going on with an integration in XWiki.
>
> Vincent
>
>
> On 5/7/07, Bradley Beddoes <[hidden email]> wrote:
>> Hi,
>> Responses inline below.
>>
>> Sergiu Dumitriu wrote:
>> > Hi,
>> >
>> > This looks good, congratulations!
>> >
>> > It would be nice if it could be integrated in XWiki (with your kindly
>> > offered help), as it provides support for many authentication
>> > protocols. However, this must not be done in a haste. We should
>> > establish some goals, an implementation plan (including eventual
>> > changes needed in the XWiki engine), and a target version. I think
>> > that 1.0 is out of the question, so we need to decide if it is a
>> > feature that must go into 1.1 or it can wait until the XWiki 2.0
>> > architecture is finalized.
>> >
>> > (@Vincent) Should we establish a developer meeting on IRC to discuss
>> > this? Or are mailing lists OK?
>> >
>> > On another topic, how stable is the ESEO API? Can we count on a
>> > future-compatible integration?
>>
>> The really cool part is that the integration on the application side for
>> pure identity transfer is minimal, especially in java with the use of
>> filters.
>>
>> If you'd like to take it further and integrate authorization to the
>> ESOE's policy decision point (and I think it would be a god idea) that
>> would take a little longer.
>>
>> The API itself should be pretty static from this point forward, while
>> we've got it tagged at 0.1 in reality its a lot further ahead then that,
>> infact we're rolling into production at some sites shortly.
>>
>> regards,
>> Bradley
>>
>>
>> >
>> > Thanks,
>> > Sergiu
>> >
>> > On 5/8/07, Bradley Beddoes <[hidden email]> wrote:
>> >> Hi,
>> >> In later March there was a thread about openID support for xwiki,
>> at the
>> >> time I mentioned new project we were about to launch which could solve
>> >> the openID issue as well as shibboleth, active directory and LDAP
>> >> integration.
>> >>
>> >> That software is now available at http://esoeproject.org
>> >>
>> >> Have a look at what it can offer I would be happy to work with the
>> xwiki
>> >> community further to integrate appropriately.
>> >>
>> >> regards,
>> >> Bradley
>> >>
>> >>
>> >>
>> >
>>
>>
>>
>>
>> --
>> You receive this message as a subscriber of the
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>



--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Reply | Threaded
Open this post in threaded view
|

Re: OpenID, Shibboleth and other identity technologies for xwiki

chandra sekhar-2
In reply to this post by Bradley Beddoes
Hi,
Can someone please unsubscribe me off the list please. I had mailed so many times now to [hidden email] . But i still get the mails. Does anyone know any other procedures to unsubscribe from the xwiki group.
 
Thank you,

----- Original Message ----
From: Bradley Beddoes <[hidden email]>
To: [hidden email]
Sent: Tuesday, May 8, 2007 3:22:52 PM
Subject: Re: [xwiki-dev] OpenID, Shibboleth and other identity technologies for xwiki

Hi Vincent,
Your absolutely correct there are many alternatives each with their own
various positives and negatives.

A review of the solutions available is always a good idea.

However I am pretty confident nothing else matches the ESOE for its
feature set at this stage, but of course I would be happy to be proven
wrong :).

regards,
Bradley

Vincent Brousseau wrote:

> OpenSSO could also be an interesting alternative
> (https://opensso.dev.java.net/).
>
> It started off the codebase of Sun Java System Access Manager so it's
> heavy, but definitely enterprise grade.
>
> There are many other solutions of that kind, perhaps they should be
> reviewed first before going on with an integration in XWiki.
>
> Vincent
>
>
> On 5/7/07, Bradley Beddoes <[hidden email]> wrote:
>> Hi,
>> Responses inline below.
>>
>> Sergiu Dumitriu wrote:
>> > Hi,
>> >
>> > This looks good, congratulations!
>> >
>> > It would be nice if it could be integrated in XWiki (with your kindly
>> > offered help), as it provides support for many authentication
>> > protocols. However, this must not be done in a haste. We should
>> > establish some goals, an implementation plan (including eventual
>> > changes needed in the XWiki engine), and a target version. I think
>> > that 1.0 is out of the question, so we need to decide if it is a
>> > feature that must go into 1.1 or it can wait until the XWiki 2.0
>> > architecture is finalized.
>> >
>> > (@Vincent) Should we establish a developer meeting on IRC to discuss
>> > this? Or are mailing lists OK?
>> >
>> > On another topic, how stable is the ESEO API? Can we count on a
>> > future-compatible integration?
>>
>> The really cool part is that the integration on the application side for
>> pure identity transfer is minimal, especially in java with the use of
>> filters.
>>
>> If you'd like to take it further and integrate authorization to the
>> ESOE's policy decision point (and I think it would be a god idea) that
>> would take a little longer.
>>
>> The API itself should be pretty static from this point forward, while
>> we've got it tagged at 0.1 in reality its a lot further ahead then that,
>> infact we're rolling into production at some sites shortly.
>>
>> regards,
>> Bradley
>>
>>
>> >
>> > Thanks,
>> > Sergiu
>> >
>> > On 5/8/07, Bradley Beddoes <[hidden email]> wrote:
>> >> Hi,
>> >> In later March there was a thread about openID support for xwiki,
>> at the
>> >> time I mentioned new project we were about to launch which could solve
>> >> the openID issue as well as shibboleth, active directory and LDAP
>> >> integration.
>> >>
>> >> That software is now available at http://esoeproject.org
>> >>
>> >> Have a look at what it can offer I would be happy to work with the
>> xwiki
>> >> community further to integrate appropriately.
>> >>
>> >> regards,
>> >> Bradley
>> >>
>> >>
>> >>
>> >
>>
>>
>>
>>
>> --
>> You receive this message as a subscriber of the
>> [hidden email] mailing list.
>> To unsubscribe: mailto:[hidden email]
>> For general help: mailto:[hidden email]?subject=help
>> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>>
>>
>


Ahhh...imagining that irresistible "new car" smell?
Check out new cars at Yahoo! Autos.

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws