On Tue, Mar 13, 2012 at 8:10 AM, John Erling Blad jeblad@gmail.com wrote:
Exporting authentication from Mediawiki by OAuth is probably both acceptable and interesting, even if OAuth is said to give a rather weak security. It could be that people are a bit confused about OAuth vs OpenID.
In some of the projects where I've been involved the problem is not about exporting authentication, but more about how to log on to a Mediawiki-powered site from an other central site doing identity federation. The existing extensions don't handle this very well.
Could it be possible to start a work on both importing and exporting identity, authentication and authorization, perhaps focusing on both SAML and OAuth? For serious use it seems to me that SAML is more important than OAuth, while the later is more widespread in social networks.
So, since we're discussing SAML and OAuth and OpenID, and such, I should mention this:
It supports SAML, OpenID, OAuth, it's extendable and it supports multiple backends (LDAP, MySQL, etc). It is also localizable.
- Ryan