[Seaside] Re: Seaside authentication/login/user account package

Julian Fitzell jfitzell at gmail.com
Tue Feb 1 14:07:56 UTC 2011 

Sure, though you can also maintain your own authentication service or,
in the meantime, at least introduce OpenID delegation to leave that
option open to you in the future:

http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers

Julian

On Mon, Jan 31, 2011 at 7:25 PM, Tony Fleig <tony.fleig at gmail.com> wrote:
> I agree that many would probably fund it useful to have additional
> login options such as via Facebook, Twitter, Google, etc. I'll add
> that to my list of requested features. There is a fair amount of work
> still needed just to refactor the existing code base that I need to
> complete before adding any new features though...
>
> Of course I built TFLogin primarily because I needed the functionality
> myself and I am generally against the use of consolidated logins (see
> http://forum.world.st/authentication-for-seaside-td3166481.html#a3167165.)
>
> Here are excerpts from the above-referenced email:
>
> Entrusting the security of all your on-line accounts to a single
> entity, be it Facebook, Twitter, or a national government provides a
> single point of failure for the security of the associated accounts.
> This is the same reason why using the same password for multiple
> accounts is ill-advised.
>
> I understand keeping track of many passwords is inconvenient and just
> automatically using one's Facebook login at another site is very
> convenient. Convenience is also the reason why people use the word
> "password" as their password. I, personally, would not use automatic
> Facebook or Twitter login for any but my insecure accounts -- and
> those are almost by definition, the accounts that are not very
> important to me.
>
> I have three friends whose on-line accounts were compromised and who
> lost significant amounts of money and suffered months of continued
> problems recovering from identity theft. These were not rich people.
> This does happen.
>
> I think there is still a place for per-site login and security,
> inconvenient as it may be.
>
> (I use http://www.husharoo.com to maintain my secret stuff.)
>
> Regards,
> TF
>
>
>
>
> On Mon, Jan 31, 2011 at 2:53 AM, Geert Claes <geert.wl.claes at gmail.com> wrote:
>>
>> Nice!
>>
>> How about also adding support for the user to login using Facebook, Google,
>> Yahoo, Twitter etc you see often on web applications these days?
>> --
>> View this message in context: http://forum.world.st/Seaside-authentication-login-user-account-package-tp3178309p3248474.html
>> Sent from the Seaside General mailing list archive at Nabble.com.
>> _______________________________________________
>> seaside mailing list
>> seaside at lists.squeakfoundation.org
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>

More information about the seaside mailing list