On Mon, Aug 07, 2006 at 10:28:01AM +0200, Daniel Kinzler wrote:
interiot(a)68k.org wrote:
If there's really a need for opt-in, I think
that the toolserver should provide a better method for
authenticating users.
This seems like a perfect application for OpenId <http://openid.net/>. I
haven't read the specs and don't know how exactly it works, but it
shouldn't be hard to implement. MediaWiki already has an OpenID
extension, see
<http://svn.wikimedia.org/viewvc/mediawiki/trunk/extensions/OpenID/>
-- Daniel
If OpenID was installed at all wikimedia servers, that would work, and it would avoid
replication lag.
If enwiki replication was working though, we wouldn't need anything very
complicated... a special
database login would have access to the verification information, and most toolserver apps
run on a
single web domain, so it's straightforward to pass cookies from a central sign-on to
all toolserver
tools, and we would just need something like asymmetric encyrption to make sure the
cookies can't be
modified.
-Dave