Hi Johannes,
I'm not part of the core development team (in fact, I've only submitted
a couple relatively insignificant patches). However, this is an issue
I've been tracking pretty closely. Nevertheless, don't take this as
anything other than as the very possibly incorrect observations of a
fringe participant.
The SSO activity has been somewhat dormant for a couple months now, but
is probably can be resurrected if someone (you?) volunteers to shepherd
the effort. My understanding is that Brion would like to implement an
AuthPlugin for SSO. OpenID/LID/etc would be a probably be a phase two
sorta thing; phase one is reserved for intra-Wikimedia SSO.
If someone (you?) were to say, implement a LID server and client for
MediaWiki, that would give it a big head start over other potential
solutions. It wouldn't be the simplest solution to intra-Wikimedia SSO,
but it would work, assuming that the LID libraries are mature enough to
deal with Wikimedia's demands. If such a solution were to get
substantial testing outside of the Wikimedia realm of servers, that
would be a big argument for the maturity of the solution.
I myself was working on this type of thing a lot more a couple of months
ago, but put that work on hold to work on a MediaWiki election plugin
I'm close to releasing. I'll eventually want to return to auth work,
but don't see that happening in the next month or two.
Rob
On Wed, 2005-10-05 at 12:55 -0700, Johannes Ernst wrote:
I heard three different views on SSO wrt
MediaWiki/WikiPedia so far:
1) The different Wikipedia sites (e.g.
en.wikipedia.org and
de.wikipedia.org) should require a user only to log on once. Once
logged on the user should be known across those Wikipedia sites (and
only those).
2) A MediaWiki installation (e.g. in an enterprise) would like the
MediaWiki user management subsystem to participate in an SSO
environment (e.g. an enterprise single-sign-on system).
Auth_Plugin.php and various LDAP projects seem to have made some
headway there.
3) A Wikipedia user (and any MediaWiki user) should be able to "bring
their own" identity, which MediaWiki software should recognize. The
advantage of this is that it includes the previous two items as
special cases -- and because there's nothing special about Mediawiki
with respect to logins: every website has that problem, and would
like the problem to go away.
I'm interested in #3, specifically using URL-based personal digital
identities (such as the URL of their blog). How would one practically
go about doing this? [I'm new to how the wikipedia software projects
typically work out]
Some background is here:
http://cis-berkman.editme.com/
http://openid.net/
http://lid.netmesh.org/wiki/Main_Page
Thank you,
Johannes Ernst
http://netmesh.info/jernst
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/wikitech-l