Authentication
olafzanger edited this page Sep 14, 2010
·
5 revisions
On this page the outcome of osw group list discussions concerning need and potential concepts for solutions for the OSW Authentication shall be maintained for overview.
Early thoughts for seeding the discussion is provided.
The written needs nor approaches are by now means binding to the osw developer community. The planned features are rather maintained in the Roadmap.
- since it is a federated approach AND registering a new user currently builds simply on the openFire means (no own OSW admin user interface), wouldn’t it be wise NOT to develop yet another authentication-identity (to annoy users) but to consequently built on openID, oauth, Google Login, Facebook Connect, Mobile Phone number respectively?
- The user if once using one of the upper then has the ability to add new means of authentication (and delete former means) at will.
- on mobile such authentication can be integrated at the Mobile Operator in a means, that the authentication is totally transparent to the user. For this binding the Mobile Phone number is needed.
- two factor authentication can be integrated through Mobile Operators using the standardized MSSP technology .
- Registration is part of XMPP, currently it must be enabled on the server and you have in-band registration (supported in the console with the /register command). We have not yet added this to the web client and android one simply because we do not need it now, and focus onother things.
- OpenID, it could be supported but the user experience is broken on things like mobile, which is a key target for us.
This page is originally created by Olaf Zanger. Pls add your content at will.