Changes

Line 5: Line 5:  
* Both methods need coding for some SL Web applications. [[User:Alsroot|alsroot]] 14:43, 20 September 2011 (EDT)
 
* Both methods need coding for some SL Web applications. [[User:Alsroot|alsroot]] 14:43, 20 September 2011 (EDT)
 
* Some applications already support OpenID, but is it possible to use OpenID authentication and LDAP for users metadata and authorisation at the same time? [[User:Alsroot|alsroot]] 14:43, 20 September 2011 (EDT)
 
* Some applications already support OpenID, but is it possible to use OpenID authentication and LDAP for users metadata and authorisation at the same time? [[User:Alsroot|alsroot]] 14:43, 20 September 2011 (EDT)
* Supporting only OpenID (without password based authentication as a spare method) seems to be overkill, at least for not tech people. [[User:Alsroot|alsroot]] 14:43, 20 September 2011 (EDT)
+
* Supporting only OpenID (without password based authentication as a spare method) seems to be overkill, at least for non tech people. [[User:Alsroot|alsroot]] 14:43, 20 September 2011 (EDT)
 +
*: However, most 'not tech' people already have an OpenID provider account, and such providers will continue to make that easier (and more secure), all being a cost-free benefit to us. --[[User:FGrose|FGrose]] 16:04, 20 September 2011 (EDT)
 +
* Though, similarity between CAS and OpenID is not so obvious, CAS is exactly about "login only once", for OpenID, people need login on every resource. So, see the 1st option for solution. [[User:Alsroot|alsroot]] 18:18, 20 September 2011 (EDT)
 +
 
 +
Possible solutions:
 +
 
 +
* Use CAS/LDAP for all SL applications. Useful for people who prefer login/passwords to get benefits from "login only once". Use OpenID, at least when it is implemented, to rely on particular application for associating OpenID accounts with ones got from CAS/LDAP. For OpenID case, the "login only once" won't work. [[User:Alsroot|alsroot]] 18:18, 20 September 2011 (EDT)