Modify

Opened 11 years ago

Last modified 11 months ago

#1061 new enhancement

Extend AccountManager to allow non-password-based authentication methods

Reported by: Mikhail Gusarov Owned by:
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: needinfo authentication password-less
Cc: Sascha Silbe, Thijs Triemstra Trac Release: 0.11

Description

Extracted from #173.

AccountManagerPlugin currently supports only username/password password authentication. There are other means of authentication (say, OpenID, and OpenIdPlugin is incompatible with AccountManagerPlugin right now), and AccountManagerPlugin may be extended to integrate all such functionality, refactoring "username"-"password" relation to the generic "username"-"set of credentials".

Attachments (0)

Change History (7)

comment:1 Changed 9 years ago by Sascha Silbe

Cc: Sascha Silbe added; anonymous removed

Automatic authentication via raw SSL keys (from SSL client certificate - no verification of the certificate records, just match the key to an account) would be wonderful. While that's feature request on its own, it should be probably be considered while refactoring AccountManagerPlugin.

comment:2 Changed 8 years ago by Thijs Triemstra

Cc: Thijs Triemstra added

This would be a great idea but it probably needs multiple tickets, or this ticket should be used as a master ticket. Facebook Connect support would be nice as well.

comment:3 Changed 7 years ago by Steffen Hoffmann

Keywords: needinfo authentication password-less added
Owner: changed from Matt Good to Steffen Hoffmann

Any news? More detailed ideas and patches welcome.

comment:4 Changed 7 years ago by Steffen Hoffmann

The idea of this ticket has been supported in #173 before.

comment:5 Changed 7 years ago by Steffen Hoffmann

Just a pointer to have a closer look at a candidate for integration:

https://github.com/openid/python-openid/blob/master/openid/consumer/consumer.py

comment:6 in reply to:  1 Changed 7 years ago by Steffen Hoffmann

Replying to sascha_silbe:

Automatic authentication via raw SSL keys (from SSL client certificate - no verification of the certificate records, just match the key to an account) would be wonderful.

I haven't got a clear idea on the use case. Would you dare to explain a bit more, how you think SSL/TLS auth should be accomplished? How would you do that from your browser?

A good resource to start further discussions could be Heikki Toivonen's Blog on SSL in Python. He is the current maintainer of M2Crypto, an alternative SSL module for Python. As we still consider support for Python2.4 to be important and first SSL module appears in Python2.6, we'll definitely end up with an additional dependency. M2Crypto seems like the best candidate so far.

comment:7 Changed 11 months ago by Ryan J Ollos

Owner: Steffen Hoffmann deleted

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The ticket will remain with no owner.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.