[Opensim-dev] Mantis#2816 patch and openid

Cristina Videira Lopes lopes at ics.uci.edu
Tue Dec 16 18:12:41 UTC 2008 

I should say "UGAIM become providers *and* consumers of this". But 
without changing the existing login method.

Cristina Videira Lopes wrote:
> +1 here too.
>
> Authentication is something that is critically missing from the 
> hypergrid right now. I think this patch is the beginning of making 
> things more secure in a globally decentralized environment.
>
> I don't know the details of the OpenID protocol, and I don't know how 
> it compares to other authentication protocols, if we had to choose. 
> But I really like that this makes UGAIM *providers*, not consumers, of 
> authentication services. So if I have my HG standalone at 
> home.smopr.com, I can use my account here, and other services can 
> check that this account exists with my UGAIM. From then on, they can 
> decide whether to authorize me or not.
>
> I dislike the idea of just a handful of identity services on the 
> entire web. Let's have a million. Trust then becomes more aligned with 
> the social lines of trust.
>
> Crista
>
> Justin Clark-Casey wrote:
>> Mic Bowman wrote:
>>   
>>> inventory & asset server extensions that leverage openid will be
>>> posted on the distributed asset forge project soon. we're working to
>>> validate the concepts in the forge project & then start carving the
>>> changes up into smaller chunks for incremental patching once we've
>>> convinced ourselves that this is useful. the openid parts are pretty
>>> fundamental to making any of these external services work so it seemed
>>> like a good starting point.
>>>     
>>
>> Personally, I'm inclined to say +1 to the OpenID user server patch.  It's fairly small and provides functionality that 
>> is generally useful.  Having it in core will also make it easier to experiment and think about the distributed services 
>> that John and any others are developing.
>>
>> Perhaps this would be more ideal as a module, but a module system would have to be put in place first.  The wait could 
>> be quite long (though I'm happy to be proven wrong :)
>>
>>   
>>> --mic
>>>
>>> On Mon, Dec 15, 2008 at 2:23 PM, Sean Dague <sdague at gmail.com> wrote:
>>>     
>>>> Mic Bowman wrote:
>>>>       
>>>>> So this is really an API that can be used to apply the set of
>>>>> identities managed by the user server to other services. A couple more
>>>>> places this could be useful... the web interfaces like opensimwi
>>>>> currently manipulate the database directly in order to perform
>>>>> authentication for account management. Also, the Alan's REST
>>>>> interfaces for asses & inventory on the region server currently cannot
>>>>> authenticate a specific user in grid mode (there is no API & the User
>>>>> server does not hand out the hashed password to the region server in
>>>>> grid mode).
>>>>>
>>>>> The choice of OpenID vs some other API is really just a choice to
>>>>> support a fairly standard API rather than invent something new.
>>>>>         
>>>> Ok, so this is about exposing the OpenSim data to things other than the
>>>> client.  That makes a bit more sense from what I saw in the patch.
>>>>
>>>> It would be nice to see an example of how this would be used in the
>>>> OpenSim Inventory server, for instance.  But I see how this could be a
>>>> good first step in that direction.
>>>>
>>>>        -Sean
>>>>
>>>> --
>>>> Sean Dague / Neas Bade
>>>> sdague at gmail.com
>>>> http://dague.net
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Opensim-dev mailing list
>>>> Opensim-dev at lists.berlios.de
>>>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>>>
>>>>
>>>>       
>>> _______________________________________________
>>> Opensim-dev mailing list
>>> Opensim-dev at lists.berlios.de
>>> https://lists.berlios.de/mailman/listinfo/opensim-dev
>>>
>>>     
>>
>>
>>   
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20081216/9f1d3c78/attachment-0001.html>

More information about the Opensim-dev mailing list