RemoteUserLogins
distributed authentication, OpenID and Co.
Created by: Mario Salzer, Last modification: 01 Jul 2005 (15:55 UTC)
(This is not a feature request, more a shameless project advertisement.)
OpenId is the upcoming standard (2nd) for distributed user authentication. It provides no profile exchanges and uses homepage addresses as user identifiers (a good thing in the blog world, maybe).
My project tries to add a simplistic XML format on top and provides OpenID and LID authentication at the same time. Both use strong cryptography and therefore allow remote logins without passwords. (I kid you not!)
This means you can share your users with other web sites (user@bitweaver.org logs into forum at www.elsewhere.com), but also to allow people from other web sites to log in in yours.
This is obviously a feature you would want to enable and disable on a per-site basis. It is definitely no security threat to allow people to more quickly create/copy an existing user profile and login, but may or may not be meaningful for every community.
The sample implementation in PHP is extremely easy to integrate, and btw already comes with a prepared (though untested) profile server binding for the Tiki user database. So, if you might be interested:
http://xprofile.berlios.de/
There are other implementations, but without much hybris, this is one of the most polished ones as of yet. — mario
OpenId is the upcoming standard (2nd) for distributed user authentication. It provides no profile exchanges and uses homepage addresses as user identifiers (a good thing in the blog world, maybe).
My project tries to add a simplistic XML format on top and provides OpenID and LID authentication at the same time. Both use strong cryptography and therefore allow remote logins without passwords. (I kid you not!)
This means you can share your users with other web sites (user@bitweaver.org logs into forum at www.elsewhere.com), but also to allow people from other web sites to log in in yours.
This is obviously a feature you would want to enable and disable on a per-site basis. It is definitely no security threat to allow people to more quickly create/copy an existing user profile and login, but may or may not be meaningful for every community.
The sample implementation in PHP is extremely easy to integrate, and btw already comes with a prepared (though untested) profile server binding for the Tiki user database. So, if you might be interested:
http://xprofile.berlios.de/
There are other implementations, but without much hybris, this is one of the most polished ones as of yet. — mario