Ticket #1061 (new enhancement)

Opened 6 years ago

Last modified 2 years ago

Extend AccountManager to allow non-password-based authentication methods

Reported by: dottedmag Assigned to: hasienda
Priority: normal Component: AccountManagerPlugin
Severity: normal Keywords: needinfo authentication password-less
Cc: sascha_silbe, thijs Trac Release: 0.11

Description

Extracted from #173.

AccountManagerPlugin currently supports only username/password password authentication. There are other means of authentication (say, OpenID, and OpenIdPlugin? is incompatible with AccountManagerPlugin right now), and AccountManagerPlugin may be extended to integrate all such functionality, refactoring "username"-"password" relation to the generic "username"-"set of credentials".

Attachments

Change History

(follow-up: ↓ 6 ) 03/10/09 17:40:16 changed by sascha_silbe

  • cc set to sascha_silbe.

Automatic authentication via raw SSL keys (from SSL client certificate - no verification of the certificate records, just match the key to an account) would be wonderful. While that's feature request on its own, it should be probably be considered while refactoring AccountManagerPlugin.

06/26/09 14:27:31 changed by thijs

  • cc changed from sascha_silbe to sascha_silbe, thijs.

This would be a great idea but it probably needs multiple tickets, or this ticket should be used as a master ticket. Facebook Connect support would be nice as well.

10/13/10 00:56:53 changed by hasienda

  • owner changed from mgood to hasienda.
  • keywords set to needinfo authentication password-less.

Any news? More detailed ideas and patches welcome.

10/14/10 22:56:54 changed by hasienda

The idea of this ticket has been supported in #173 before.

11/05/10 21:10:38 changed by hasienda

Just a pointer to have a closer look at a candidate for integration:

https://github.com/openid/python-openid/blob/master/openid/consumer/consumer.py

(in reply to: ↑ 1 ) 12/05/10 20:15:53 changed by hasienda

Replying to sascha_silbe:

Automatic authentication via raw SSL keys (from SSL client certificate - no verification of the certificate records, just match the key to an account) would be wonderful.

I haven't got a clear idea on the use case. Would you dare to explain a bit more, how you think SSL/TLS auth should be accomplished? How would you do that from your browser?

A good resource to start further discussions could be Heikki Toivonen's Blog on SSL in Python. He is the current maintainer of M2Crypto, an alternative SSL module for Python. As we still consider support for Python2.4 to be important and first SSL module appears in Python2.6, we'll definitely end up with an additional dependency. M2Crypto seems like the best candidate so far.

Add/Change #1061 (Extend AccountManager to allow non-password-based authentication methods)




Change Properties
Action