[geeklog-devel] OpenID revisited (new patch)

Dirk Haun dirk at haun-online.de
Fri May 18 13:53:08 EDT 2007

Tony Bibbs wrote:

>1) Deny by Default - If a user uses any openID account we deny access by
>default.  This is used in conjunction with:
>2) Allowed OpenID Services - array of regex URL's we would allow access to
>3) Denied OpenID Services - array of regex URL's we explicitly deny

You can still ban users by their OpenID accounts. I guess we should
also  make it honor the user submission queue setting.

Not sure about the regexps. Those are blacklists and we all know by now
how good those work ...

>Does this patch simply make Geeklog
>capable of using an existing OpenID providers?

I believe the OpenID term is "consumer": If you have an OpenID account
somewhere, you can use it to log into Geeklog. Just like with the remote
authentication modules.

>More specifically, does
>it also allow Geeklog accounts to be exposed as an OpenID provider as
>well?  If not, that would be highly desirable.

Nope, it does not do that.

bye, Dirk


More information about the geeklog-devel mailing list