[OpenStack-Infra] On being an OpenID consumer instead of an OpenID producer.

Monty Taylor mordred at inaugust.com
Tue Sep 24 23:05:45 UTC 2013



On 09/24/2013 07:01 PM, Atwood, Mark wrote:
> | It's actually opposite of how you describe. Writing a good OpenID consumer 
> is hard due to user interface design issues,
> | especially since most people (even most technical people) have no idea how 
> to properly use OpenID. Education efforts
> | have been ongoing for 8 years, so that won't really help either.
> 
> Except that in our case, all our apps are *already* OpenID consumers.  There 
> is no additional education or development needed here.
> 
> Standing up another provider is more work.  Making our existing apps be 
> provider agnostic is less.

Not true. You're forgetting user interface.

Currently, we have passthrough SSO. That means you, at worst, click
"login" then get redirected, then click OK, then get redirected. Done.

If we went to "any provider" - you'd have to click "login" - then enter
your OpenID - which will confuse almost every single developer we have,
since only a handful of us in the world actually understand OpenID, then
they will all come to #openstack-infra and ask questions. Then they will
get it wrong. Then they will mistype their OpenID. Then they WON'T HAVE
ONE... then they'll get it wrong again... and a giant pile of fail will
ensue.



More information about the OpenStack-Infra mailing list