|
I have a series of patches that enable ofbiz to be used as an openid *provider*. I used this to allow a wordpress site to delegate authentication to ofbiz (the company in question already had an ofbiz deployment hooked into their internal ldap, with phone/name synching; didn't want to duplicate all that).

I do *not* yet have working openid client support. Should I wait until I do (there is no client that has paid for that), or should I commit what I already have? I need to verify it again first, but that shouldn't take overly long.
|
Hi Adam,

The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras

If someone needs it it pick up from there, et voilà

Jacques

From: "Adam Heath" <[hidden email]>
> I have a series of patches that enable ofbiz to be used as an openid *provider*. I used this to allow a wordpress site to delegate authentication to ofbiz (the company in question already had an ofbiz deployment hooked into their internal ldap, with phone/name synching; didn't want to duplicate all that).
>
> I do *not* yet have working openid client support. Should I wait until I do (there is no client that has paid for that), or should I commit what I already have? I need to verify it again first, but that shouldn't take overly long.
|
On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
> Hi Adam,
>
> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>
> If someone needs it it pick up from there, et voilà

There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).

I'd really prefer to have the former in framework.

But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).
|
From: "Adam Heath" <[hidden email]>
> On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
>> Hi Adam,
>>
>> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>>
>> If someone needs it it pick up from there, et voilà
>
> There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).
>
> I'd really prefer to have the former in framework.
>
> But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).

I'm personally not against it. I guess it's not a large piece of software?

Jacques
|
In reply to this post by Adam Heath-2
Adam,

There was a previous thread on the subject of implementing other "authentication and security" models to support OpenId, LDAP, and other custom authentication needs. The subject of the thread was "Alternatives to using UserLoginId as a primary key".

Here is a snippet of that thread from Jacopo. Does your implementation follow a similar approach to what Jacopo suggested? I'm asking because we need a custom authentication model to support unique user IDs across groups where the individual IDs may conflict.

On Mon, Feb 20, 2012 at 5:59 AM, Jacopo Cappellato <[hidden email]> wrote:
> I like Adrian's proposal to make the UserLogin entity more flexible.
> Brett, as regards your proposal about the extension mechanism (i.e. the UserCredentials), I think it would be better an approach where each specific security implementation defines its own *Credentials (or *UserLogin or *Authentication or some other name) entity as an extension to the UserLogin for that authenticationTypeId (instead of attempting to define a general purpose UserCredentials entity).
>
> For example, for a UserLogin record for LDAP (i.e. authenticationTypeId="LDAP") we could have a corresponding record in the LdapUserLogin record; for a UserLogin record for OpenId we could have a corresponding record in the OpenIdUserLogin record etc... you could define your own for the specific security you are working on.
>
> Kind regards,
>
> Jacopo

On Thu, Apr 19, 2012 at 9:26 AM, Adam Heath <[hidden email]> wrote:
> I have a series of patches that enable ofbiz to be used as an openid *provider*. I used this to allow a wordpress site to delegate authentication to ofbiz (the company in question already had an ofbiz deployment hooked into their internal ldap, with phone/name synching; didn't want to duplicate all that).
>
> I do *not* yet have working openid client support. Should I wait until I do (there is no client that has paid for that), or should I commit what I already have? I need to verify it again first, but that shouldn't take overly long.

Thanks,
Brett
|
On 04/19/2012 04:55 PM, Brett Palmer wrote:
> Adam,
>
> There was a previous thread on the subject of implementing other "authentication and security" models to support OpenId, LDAP, and other custom authentication needs. The subject of the thread was "Alternatives to using UserLoginId as a primary key".
>
> Here is a snippet of that thread from Jacopo. Does your implementation follow a similar approach to what Jacopo suggested? I'm asking because we need a custom authentication model to support unique user IDs across groups where the individual IDs may conflict.

The openid stuff I currently have allows for ofbiz to *answer* openid requests from other systems. There is nothing in ofbiz that does anything like that. It's as if ofbiz *was* the ldap server.

I plan on letting openid be used on login pages, but none of our clients have requested such a feature.
|
In reply to this post by Adam Heath-2
On 20/04/2012, at 9:40 AM, Adam Heath wrote:
> On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
>> Hi Adam,
>>
>> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>>
>> If someone needs it it pick up from there, et voilà
>
> There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).
>
> I'd really prefer to have the former in framework.
>
> But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).

Perhaps consider putting a patch in jira for review? A new folder under both applications and framework seems pretty heavy handed for something that sounds so simple. If they're both just components then there's also no reason why they need to be in OFBiz rather than distributed separately unless we know they're going to see a reasonable amount of use from the community.

I think this is going to become a recurring problem though, people will always want their components in OFBiz proper for fear of them being ignored/invisible if distributed by any other means. What this project really needs is an "extensions" website that acts as an aggregator for 3rd party components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so many other extensible applications. If it had a rating/review system then that could help us evaluate potential components for inclusion in the core distribution (assuming an appropriate license).
|
Hey Guys,

We are soon going to need OAuth support to allow external users to log into OFBiz Ecommerce site, which I believe is similar in design to openid. Just wondering if you considered using Apache Shiro http://shiro.apache.org/ to help manage the different authentication systems as plugins? If you are having to touch all those parts of the framework is it worth thinking about changing the system to something that already does this stuff out the box?

Thanks
Sam

On 20 Apr 2012, at 07:10, Scott Gray wrote:
|
|
On 04/19/2012 10:39 PM, Sam Hamilton wrote:
> Hey Guys,
>
> We are soon going to need OAuth support to allow external users to log into OFBiz Ecommerce site, which I believe is similar in design to openid. Just wondering if you considered using Apache Shiro http://shiro.apache.org/ to help manage the different authentication systems as plugins? If you are having to touch all those parts of the framework is it worth thinking about changing the system to something that already does this stuff out the box?

OAuth is not the same as OpenID. The former lets Application A access the resources owned by User U. The latter allows Application A to verify the identity of User U. They don't really align.

I've looked at OAuth, it has a *much* worse example api. So much worse, that the 'library', if you could call it that, is barely more than a series of abstract interfaces. Client/server code ends up implementing *way* too much of the protocol itself.

Additionally, both OAuth and OpenID are suffering from *massive* bit-rot. The specs are all several years old, software doesn't implement the latest versions, etc. I had to patch the openid plugin for wordpress to get it to actually work with OpenID 2.0, a spec released over 4 years ago.

But I'm jaded.
|
In reply to this post by samhamilton
There is a SocialAuth project (http://code.google.com/p/socialauth/) which provides oAuth and OpenId based authentication using oAuth providers such as Google, Facebook, Twitter, LinkedIn, Yahoo etc. We used it for one of our client projects.

Thanks,
Raj

On Friday 20 April 2012 09:09 AM, Sam Hamilton wrote:
> Hey Guys,
>
> We are soon going to need OAuth support to allow external users to log into OFBiz Ecommerce site, which I believe is similar in design to openid. Just wondering if you considered using Apache Shiro http://shiro.apache.org/ to help manage the different authentication systems as plugins? If you are having to touch all those parts of the framework is it worth thinking about changing the system to something that already does this stuff out the box?
>
> Thanks
> Sam
>
> On 20 Apr 2012, at 07:10, Scott Gray wrote:
>
>> On 20/04/2012, at 9:40 AM, Adam Heath wrote:
>>
>>> On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
>>>> Hi Adam,
>>>>
>>>> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>>>>
>>>> If someone needs it it pick up from there, et voilà
>>>
>>> There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).
>>>
>>> I'd really prefer to have the former in framework.
>>>
>>> But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).
>>
>> Perhaps consider putting a patch in jira for review? A new folder under both applications and framework seems pretty heavy handed for something that sounds so simple. If they're both just components then there's also no reason why they need to be in OFBiz rather than distributed separately unless we know they're going to see a reasonable amount of use from the community.
>>
>> I think this is going to become a recurring problem though, people will always want their components in OFBiz proper for fear of them being ignored/invisible if distributed by any other means. What this project really needs is an "extensions" website that acts as an aggregator for 3rd party components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so many other extensible applications. If it had a rating/review system then that could help us evaluate potential components for inclusion in the core distribution (assuming an appropriate license).
|
In reply to this post by Adam Heath-2
Thanks for the explanation Adam - do you see worth in implementing one system which has plugins for OAuth, OpenID & LDAP etc over implementing each one individually plus the benefit of a larger security community maintaining the core security system?

Sam

On 20 Apr 2012, at 12:08, Adam Heath wrote:
> On 04/19/2012 10:39 PM, Sam Hamilton wrote:
>> Hey Guys,
>>
>> We are soon going to need OAuth support to allow external users to log into OFBiz Ecommerce site, which I believe is similar in design to openid. Just wondering if you considered using Apache Shiro http://shiro.apache.org/ to help manage the different authentication systems as plugins? If you are having to touch all those parts of the framework is it worth thinking about changing the system to something that already does this stuff out the box?
>
> OAuth is not the same as OpenID. The former lets Application A access the resources owned by User U. The latter allows Application A to verify the identity of User U. They don't really align.
>
> I've looked at OAuth, it has a *much* worse example api. So much worse, that the 'library', if you could call it that, is barely more than a series of abstract interfaces. Client/server code ends up implementing *way* too much of the protocol itself.
>
> Additionally, both OAuth and OpenID are suffering from *massive* bit-rot. The specs are all several years old, software doesn't implement the latest versions, etc. I had to patch the openid plugin for wordpress to get it to actually work with OpenID 2.0, a spec released over 4 years ago.
>
> But I'm jaded.
|
In reply to this post by samhamilton
Hi Sam,

What Adam proposes is not exactly related. He proposes to introduce a way for OFBiz to be an OpenId server.
And yes we already discussed using Shiro in OFBiz. But we also agreed recently to focus our efforts on the "slim down" action...

Jacques
|
|
In reply to this post by Scott Gray-2
From: "Scott Gray" <[hidden email]>
> On 20/04/2012, at 9:40 AM, Adam Heath wrote:
>
>> On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
>>> Hi Adam,
>>>
>>> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>>>
>>> If someone needs it it pick up from there, et voilà
>>
>> There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).
>>
>> I'd really prefer to have the former in framework.
>>
>> But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).
>
> Perhaps consider putting a patch in jira for review? A new folder under both applications and framework seems pretty heavy handed for something that sounds so simple. If they're both just components then there's also no reason why they need to be in OFBiz rather than distributed separately unless we know they're going to see a reasonable amount of use from the community.
>
> I think this is going to become a recurring problem though, people will always want their components in OFBiz proper for fear of them being ignored/invisible if distributed by any other means. What this project really needs is an "extensions" website that acts as an aggregator for 3rd party components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so many other extensible applications. If it had a rating/review system then that could help us evaluate potential components for inclusion in the core distribution (assuming an appropriate license).

That would be great but maybe a bit out of our possibilities at the moment?

Jacques
|
On 4/20/2012 8:13 AM, Jacques Le Roux wrote:
> From: "Scott Gray" <[hidden email]>
>> On 20/04/2012, at 9:40 AM, Adam Heath wrote:
>>
>>> On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
>>>> Hi Adam,
>>>>
>>>> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>>>>
>>>> If someone needs it it pick up from there, et voilà
>>>
>>> There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).
>>>
>>> I'd really prefer to have the former in framework.
>>>
>>> But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).
>>
>> Perhaps consider putting a patch in jira for review? A new folder under both applications and framework seems pretty heavy handed for something that sounds so simple. If they're both just components then there's also no reason why they need to be in OFBiz rather than distributed separately unless we know they're going to see a reasonable amount of use from the community.
>>
>> I think this is going to become a recurring problem though, people will always want their components in OFBiz proper for fear of them being ignored/invisible if distributed by any other means. What this project really needs is an "extensions" website that acts as an aggregator for 3rd party components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so many other extensible applications. If it had a rating/review system then that could help us evaluate potential components for inclusion in the core distribution (assuming an appropriate license).
>
> That would be great but maybe a bit out of our possibilities at the moment?
>

Just create a Wiki page for it like we did for third-party visual themes.

-Adrian
|
From: "Adrian Crum" <[hidden email]>
> On 4/20/2012 8:13 AM, Jacques Le Roux wrote:
>> From: "Scott Gray" <[hidden email]>
>>> On 20/04/2012, at 9:40 AM, Adam Heath wrote:
>>>
>>>> On 04/19/2012 04:28 PM, Jacques Le Roux wrote:
>>>>> Hi Adam,
>>>>>
>>>>> The recent trend is to "slim down" OFBiz. This could be one of the Apache OFBiz Extras
>>>>>
>>>>> If someone needs it it pick up from there, et voilà
>>>>
>>>> There are multiple layers. framework/openid, which has the basic logic, but not any of the AX extensions. applications/openidext, which then can pull in Person firstName/lastName, ContactMech (ICQ, website, phone, etc).
>>>>
>>>> I'd really prefer to have the former in framework.
>>>>
>>>> But I guess I need to wait until I can verify it actually works before sending it (it does internally, but I need to check it again).
>>>
>>> Perhaps consider putting a patch in jira for review? A new folder under both applications and framework seems pretty heavy handed for something that sounds so simple. If they're both just components then there's also no reason why they need to be in OFBiz rather than distributed separately unless we know they're going to see a reasonable amount of use from the community.
>>>
>>> I think this is going to become a recurring problem though, people will always want their components in OFBiz proper for fear of them being ignored/invisible if distributed by any other means. What this project really needs is an "extensions" website that acts as an aggregator for 3rd party components in a similar manner to firefox/chrome/jQuery/Magento/Eclipse and so many other extensible applications. If it had a rating/review system then that could help us evaluate potential components for inclusion in the core distribution (assuming an appropriate license).
>>
>> That would be great but maybe a bit out of our possibilities at the moment?
>>
>
> Just create a Wiki page for it like we did for third-party visual themes.

For the rating/review system we could use something like http://fr.surveymonkey.com/ from the wiki page?

Jacques

> -Adrian
>
|
In reply to this post by Jacques Le Roux
On 04/20/2012 01:32 AM, Jacques Le Roux wrote:
> Hi Sam,
> What Adam proposes is not exactly related. He proposes to introduce a way for OFBiz to be an OpenId server.
> And yes we already discussed using Shiro in OFBiz. But we also agreed recently to focus our efforts on the "slim down" action...
> Jacques

Exactly. In this case, ofbiz is like yahoo or google or facebook. Since ofbiz is supposed to be the controller for your entire business, why shouldn't it also be the central authentication authority as well?

ps: good luck finding any good examples for providers for those services.
|
+1

On 04/20/2012 09:43 PM, Adam Heath wrote:
> On 04/20/2012 01:32 AM, Jacques Le Roux wrote:
>> Hi Sam,
>> What Adam proposes is not exactly related. He proposes to introduce a way for OFBiz to be an OpenId server.
>> And yes we already discussed using Shiro in OFBiz. But we also agreed recently to focus our efforts on the "slim down" action...
>> Jacques
>
> Exactly. In this case, ofbiz is like yahoo or google or facebook. Since ofbiz is supposed to be the controller for your entire business, why shouldn't it also be the central authentication authority as well?
>
> ps: good luck finding any good examples for providers for those services.
|
In reply to this post by Adam Heath-2
I believe there are better solutions to provide central authentication authority functions.

> ps: good luck finding any good examples for providers for those services.

I wouldn't want my Business Application eco-system to be the authentication provider for (tens of) thousands of users for other websites (and functions) and have my computer resources consumed for that process and thus proposing risks to me doing my business or to the tenants that use my system.

Please also look at http://en.wikipedia.org/wiki/OpenID regarding the controversies before deciding on this.

-1 on incorporation in framework
+1 on Apache EXTRA

Regards,

Pierre

On 20 April 2012 16:43, Adam Heath <[hidden email]> wrote:
> On 04/20/2012 01:32 AM, Jacques Le Roux wrote:
>
>> Hi Sam,
>> What Adam proposes is not exactly related. He proposes to introduce a way for OFBiz to be an OpenId server.
>> And yes we already discussed using Shiro in OFBiz. But we also agreed recently to focus our efforts on the "slim down" action...
>> Jacques
>>
>
> Exactly. In this case, ofbiz is like yahoo or google or facebook. Since ofbiz is supposed to be the controller for your entire business, why shouldn't it also be the central authentication authority as well?
>
> ps: good luck finding any good examples for providers for those services.
>
|
Hello,
Could you tell me where I can find the "extra" folder for all components that are moved there?

Thanks
Wai
|
This is actually Google code, see
https://blogs.apache.org/foundation/entry/the_apache_software_foundation_launches
http://community.apache.org/apache-extras/faq.html
and for code itself
http://code.google.com/a/apache-extras.org/hosting/
http://code.google.com/a/apache-extras.org/hosting/search?q=label%3aOFBiz

Jacques

From: "Wai" <[hidden email]>
> Hello,
> Could you tell me where I can find the "extra" folder for all components that are moved there?
> Thanks
> Wai
>
> --
> View this message in context: http://ofbiz.135035.n4.nabble.com/openid-support-tp4571263p4633502.html
> Sent from the OFBiz - Dev mailing list archive at Nabble.com.
