Home

OpenID and Identity in Drupal: the future of user.module

Platinum and gold sponsors

walkah's picture
walkah - Mon, 02/11/2008 - 9:54pm
Presenters: 
James Walker (walkah)
Track: 
community and core
Session Description: 

SESSION OVERVIEW
This session is about identity management in Drupal focused primarily on the role of OpenID. With the release of Drupal 6 and the inclusion of OpenID support in core, it’s time to look forward on the future of digital identity, and how Drupal can best grow and expand to accommodate the changes.

This session will not be why OpenID, but rather what’s next with OpenID.

TRACK
Community and core

AGENDA
* OpenID overview / explanation
* Update of current Identity tools for Drupal
* Impact of OpenID & Identity management on user.module
* Suggestions for growth / expansion
* Roadmap for better core support for varied authentication
* Discussion about profile information as related to digital identity

GOALS
This session has two goals: to raise awareness amongst Drupal community members and developers about digital identity and to lay a roadmap for the interaction of such technology with Drupal.

RESOURCES
Attendees should be familiar with OpenID and Identity 2.0.

Scheduled: 
accepted
Session start time: 
03/03/2008 - 3:30pm - 03/03/2008 - 4:15pm
Average: 4.3 (6 votes)

» Login or register to post comments

Open ID and Roles

cbseven - Mon, 03/03/2008 - 5:35pm
cbseven's picture

Q: Does open ID address the notion of the role associated with my identity?

As a developer/admin, I often need to test using a variety of roles. If the service/website/application that I’m testing doesn’t support the idea of switching roles or security groups, I’m often stuck with remembering multiple logins. With OpenID, I suspect that there’s nothing preventing me from creating multiple ID’s, each associated with a specific role, and that’s certainly not any worse than the situation without centralized authentication (it could be argued that the situation is far better, especially if I can live with 2-4 separate ID/roles). It could probably be further argued that OpenID should have nothing to do with the role, at it’s core - it’s all about identity which has only a peripheral association with role. Perhaps the idea of multiple roles for an identity needs to be handled on the website/application side. Perhaps I’ve answered my own question.

Thoughts?

  • Charlie Bailey

Login or register to post comments

Yes

edfactor - Mon, 03/03/2008 - 6:30pm
edfactor's picture

You have answered your own question. By only working on the identity piece, and leaving authorization out completely, the openid guys were able to succeed at a small problem. It has some doubters, who worry about phishing attacks, etc - but it is a big improvement over the old way without trying to be THE solution.


Login or register to post comments
 
 

Count-Down to Drupalcon Boston 2008: Count Down, this shows until timer initializes or for non-js folks 2008-03-3T09:00:00 -5 %days% days + %hours%:%mins%:%secs%