[Opensim-dev] Mantis#2816 patch and openid
    James Stallings II 
    james.stallings at gmail.com
       
    Mon Dec 15 13:39:13 UTC 2008
    
    
  
I am not JHurliman, but I have actually given this topic considerable
thought. As I see things, there probably is no way to incorporate OpenID
directly into the existing client.
I dont let this concern me overmuch - I think constraining ourselves to
existing client functionality is a certain way to allow our friends at
Linden Labs to remain the defacto industry leaders of this technology.
Now that that is out of the way, there are certain methodologies that I
could employ to put an OpenID capability to work today:
Scenario 1: Keep all accounts 'deactivated' by default (even when they are
valid, active accounts), activating them only at such time as the OpenID
authorization method I've embedded into the splash page is completed. Once
that embedded authorization procedure is completed, the account would be
enabled, and login would procede as normally occurs with the client.
Scenario 2: All login procedures as per usual; OpenID kept on file for for
positive identification on an as-needed basis where such things are
relevant: access to mature content, proof of ownership of assets, resolution
of complaints, etc.
Scenario 3: External authentication layers that might be built on top of
e.g., Hypergrid or OGP, which cant really be explored at present because we
have no support for authenticating via OpenID.
These are just three that occur to me off the top of my head. I think all
represent use cases that are desirable here and now. We simply lack the
tools to implement them at present. All that remains is that some
trailblazing group put the tools in the hands of users.
Will we blaze that trail? or will we read about who already has on the
Linden blog?
I say +100, get this patch in trunk. ASAP.
Cheers
James
On Mon, Dec 15, 2008 at 7:03 AM, Sean Dague <sdague at gmail.com> wrote:
> Hurliman, John wrote:
> >
> > A clarification on the patch, this adds OpenID provider support to user
> server. It does not turn the user server into an OpenID consumer. I think
> OpenID grid login is a very interesting discussion that should take place on
> the mailing list, but what this does is allow you to prove ownership of an
> avatar on a grid. You could leave a comment on a blog using your avatar
> identity, for example. The main reason for the patch is to pave the way to
> building a secure hypergrid. Now that OpenSim is evolving into a federated
> grid model it's critical to be able to carry identity around the metaverse.
> I also have a patch for the distributed asset service that authenticates all
> inventory and asset transactions against the user server and allows
> whitelisting/blacklisting of foreign grids (will be committed very soon
> after some cleanup).
>
> Could you explain that authentication flow with the existing client?
> While this patch doesn't hurt anything, I'd really like to understand
> where this is going before we commit something like this.
>
>        -Sean
>
> --
> Sean Dague / Neas Bade
> sdague at gmail.com
> http://dague.net
>
>
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
-- 
===================================
The wind
scours the earth for prayers
The night obscures them
http://osgrid.org
http://del.icio.us/SPQR
http://twitter.com/jstallings2
http://www.linkedin.com/pub/5/770/a49
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20081215/4cd4a93d/attachment-0001.html>
    
    
More information about the Opensim-dev
mailing list