I am not JHurliman, but I have actually given this topic considerable thought. As I see things, there probably is no way to incorporate OpenID directly into the existing client.<br><br>I dont let this concern me overmuch - I think constraining ourselves to existing client functionality is a certain way to allow our friends at Linden Labs to remain the defacto industry leaders of this technology.<br>
<br>Now that that is out of the way, there are certain methodologies that I could employ to put an OpenID capability to work today:<br><br>Scenario 1: Keep all accounts 'deactivated' by default (even when they are valid, active accounts), activating them only at such time as the OpenID authorization method I've embedded into the splash page is completed. Once that embedded authorization procedure is completed, the account would be enabled, and login would procede as normally occurs with the client.<br>
<br>Scenario 2: All login procedures as per usual; OpenID kept on file for for positive identification on an as-needed basis where such things are relevant: access to mature content, proof of ownership of assets, resolution of complaints, etc.<br>
<br>Scenario 3: External authentication layers that might be built on top of e.g., Hypergrid or OGP, which cant really be explored at present because we have no support for authenticating via OpenID.<br><br>These are just three that occur to me off the top of my head. I think all represent use cases that are desirable here and now. We simply lack the tools to implement them at present. All that remains is that some trailblazing group put the tools in the hands of users.<br>
<br>Will we blaze that trail? or will we read about who already has on the Linden blog?<br><br>I say +100, get this patch in trunk. ASAP.<br><br><br>Cheers<br>James<br><br><br><div class="gmail_quote">On Mon, Dec 15, 2008 at 7:03 AM, Sean Dague <span dir="ltr"><<a href="mailto:sdague@gmail.com">sdague@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">Hurliman, John wrote:<br>
><br>
> A clarification on the patch, this adds OpenID provider support to user server. It does not turn the user server into an OpenID consumer. I think OpenID grid login is a very interesting discussion that should take place on the mailing list, but what this does is allow you to prove ownership of an avatar on a grid. You could leave a comment on a blog using your avatar identity, for example. The main reason for the patch is to pave the way to building a secure hypergrid. Now that OpenSim is evolving into a federated grid model it's critical to be able to carry identity around the metaverse. I also have a patch for the distributed asset service that authenticates all inventory and asset transactions against the user server and allows whitelisting/blacklisting of foreign grids (will be committed very soon after some cleanup).<br>
<br>
</div>Could you explain that authentication flow with the existing client?<br>
While this patch doesn't hurt anything, I'd really like to understand<br>
where this is going before we commit something like this.<br>
<br>
-Sean<br>
<font color="#888888"><br>
--<br>
Sean Dague / Neas Bade<br>
<a href="mailto:sdague@gmail.com">sdague@gmail.com</a><br>
<a href="http://dague.net" target="_blank">http://dague.net</a><br>
<br>
<br>
</font><br>_______________________________________________<br>
Opensim-dev mailing list<br>
<a href="mailto:Opensim-dev@lists.berlios.de">Opensim-dev@lists.berlios.de</a><br>
<a href="https://lists.berlios.de/mailman/listinfo/opensim-dev" target="_blank">https://lists.berlios.de/mailman/listinfo/opensim-dev</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>===================================<br>The wind<br>scours the earth for prayers<br>The night obscures them<br><br><a href="http://osgrid.org">http://osgrid.org</a><br>
<a href="http://del.icio.us/SPQR">http://del.icio.us/SPQR</a><br><a href="http://twitter.com/jstallings2">http://twitter.com/jstallings2</a><br><a href="http://www.linkedin.com/pub/5/770/a49">http://www.linkedin.com/pub/5/770/a49</a><br>