Google becomes an OpenID provider, too! - mrtopf.demrtopf.de

5 Kommentare » Schreibe einen Kommentar

  1. Right, I noticed some critics about this (actually I haven't looked to closely at it when I wrote it as it was getting late). But Google also seems to be reacting to some feedback, so at least a discussion is going on which is good: http://google-code-updates.blogspot.com/2008/10/m

    I just don't get the issue about desktop apps.. I mean why do they stop the browser based usage? Google could offer both for a start.

  2. Google's response is reassuring. Orderly (not rushed) and reliable is certainly preferable.

    (My experience with Google Code UI was not great. I had a sense that aspects of it had been rushed.)

    > rich-client apps (desktop apps and mobile apps) are hard-coded to ask a user for their username and password

    Fair enough.

    A few weeks ago, I puzzled over the following scenario:

    * OpenID user of a Plone site
    * site manager wishes to grant WebDAV access to that user

    — in the authentication dialogue, what user name/password combination should the user enter?

    A puzzle …

  3. One problem with the Plone OpenID implementation is IMHO that you cannot assign one or more openids to existing accounts (which would have user/pass assigned). Then of course you could either use your username/password or your openid. (you might not need to know your u/p if you don't use webdav then).

    A better approach for WebDAV (or any other protocol to do such things) might be to use OAuth. You simply grant read and/or write privileges to that webdav client. It even shouldn't be hard to implement as both is working via HTTP and it's just a question of the right headers to add.

  4. My best experience with OpenID has been in the Diigo area. There, certainly, I have multiple OpenIDs associated with my Diigo ID. There, if I'm not mistaken, one can associate an OpenID (or multiple OpenIDs) with a Diigo user name *without* generating a Diigo password.

    > One problem with the Plone OpenID implementation is IMHO that you cannot assign one or more openids to existing accounts (which would have user/pass assigned)

    As a feature request we have merge two or more Plone accounts and by near coincidence, a related product iw.memberreplace.

    Stepping away from expressions such as 'merge' and 'replace' (in relation to multiple Plone IDs), a more OpenID-oriented expression is probably 'personas'.

    References from http://dev.plone.org/plone/ticket/7303#comment:8 may be of interest.

    I haven't taken time to get my head around OAuth but I certainly should do so…

    Thanks again!
    Graham