[IAEP] OpenID in the wiki

[Bernie Innocenti]

Hello,

we now have OpenID authentication on http://sugarlabs.org/ .
Our OpenID implementation is advertised both as a client and a server, but .

== OpenID client ==

First of all, how do you get an OpenID? Surprise! You might already have
one!  See: http://openid.net/get/

To use it, just click the "login with openid" link in the top-right corner
of the page.  If you are already logged in, log off first.

The client implementation does not seem to support HTTP redirects (as in
http://codewiz.org/), but delegation (as in http://www.codewiz.org/wiki)
works nicely.

== OpenID server ==

The server should theoretically allow you to use the URL to your user page
(http://sugarlabs.org/go/User:YOURNAME) to authenticate on other
OpenID-enabled sites.  I couldn't get it to work with SourceForge, but I
have high hopes it would interoperate across two MediaWiki instances.

Another annoyance is that, after you've bound your account to an external
OpenID provider, you can't use your user page any longer to authenticate
against sites.  This binding seems to be permanent, and undoing it might
require deleting the corresponding database record.

OpenID is still a somewhat immature standard, but it shows promise and,
more importantly, it's being adopted in several high profile sites.

== Way forward ==

I'm available to help install and configure the extension across the
laptop.org wikis, so we can share authentication.  I will also look into
OpenID plugins for Trac and the other web applications we currently use.

I've also cc'd the author of the OpenID MediaWiki extension in case he can
help clarify some of the issues described above.

-- 
   // Bernie Innocenti - http://www.codewiz.org/
 \X/  Sugar Labs       - http://www.sugarlabs.org/