Am 15.08.2012 23:11, schrieb Ryan Lane:
it is not. OpenID adds only a short table to the database, where the OpenID is connected with the (local wiki) userid. Where exactly is the blocking problem for you ?
It's not a technical problem, per se. It's mainly a usability issue. When you allow login as a consumer, you now have two login links. One link is for logging in with your password credentials and another is with OpenID. This is confusing for people who don't know what OpenID is.
Assuming everyone has some knowledge of OpenID (which is a stupid assumption, but let's play along), what do you display on the OpenID login page? Do we have logos that people can click to login to a provider? If so, which logos do we show? Why are we showing *those* providers and not others? How do you login with OpenID for providers not shown? A text box where they can enter the URL? Many OpenID URLs are long, ugly, and totally un-memberable, which means people will need to search for their provider URL when they want to login.
it seems, that you have /never /installed the Extension. Because then you would not have asked these questions.
Let's assume people are logging in with OpenID. Now there's a possibility of users getting locked out of their accounts because their provider went away. Yes, we can allow users to have passwords on the site too, but then we have two methods of authentication, which increases the risk of accounts getting owned. Additionally, now we have to worry about a provider getting owned and all accounts associated with that provider being owned as a result.
OpenID as a consumer on the sites without fixing the usability issues is simply not going to happen. The security issues are a worry too, but less so than the usability issues.
- Ryan
Ryan, it seems, that you have never installed the Extension. Because then you would not have asked the questions.