Am 15.08.2012 23:11, schrieb Ryan Lane:
it is not.
OpenID adds only a short table to the database, where the OpenID is
connected with the (local wiki) userid.
Where exactly is the blocking problem for you ?
It's not a technical problem, per se. It's mainly a usability issue.
When you allow login as a consumer, you now have two login links. One
link is for logging in with your password credentials and another is
with OpenID. This is confusing for people who don't know what OpenID
is.
Assuming everyone has some knowledge of OpenID (which is a stupid
assumption, but let's play along), what do you display on the OpenID
login page? Do we have logos that people can click to login to a
provider? If so, which logos do we show? Why are we showing *those*
providers and not others? How do you login with OpenID for providers
not shown? A text box where they can enter the URL? Many OpenID URLs
are long, ugly, and totally un-memberable, which means people will
need to search for their provider URL when they want to login.
it seems, that you
have /never /installed the Extension. Because then
you would not have asked these questions.
Let's assume people are logging in with OpenID.
Now there's a
possibility of users getting locked out of their accounts because
their provider went away. Yes, we can allow users to have passwords on
the site too, but then we have two methods of authentication, which
increases the risk of accounts getting owned. Additionally, now we
have to worry about a provider getting owned and all accounts
associated with that provider being owned as a result.
OpenID as a consumer on the sites without fixing the usability issues
is simply not going to happen. The security issues are a worry too,
but less so than the usability issues.
- Ryan
Ryan,
it seems, that you have never installed the Extension. Because then you
would not have asked the questions.