Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-3060

Use OpenID Realm for approval requests

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Fixed
    • 2.6
    • OpenID
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Crowd's OpenID approvals are based around the return_to URL. An OpenID 2 request may present a more general realm as well (Realms). If present, the user should be asked to approve the realm for this and future requests.

      If a whitelist is present (CWD-3045) it should be treated as a list of realms. Any realm must either be directly present on the whitelist (if it's a pattern) or match something on the whitelist if it's a concrete return_to URL.

      Attachments

        Issue Links

          has a derivative of

          Suggestion - CWD-3069 Warn about overly general Realms in OpenID requests

          • Gathering Interest
          relates to

          Suggestion - CWD-2470 Support OpenID 2.0 and identifier select for a single endpoint URL

          • Closed

          Suggestion - CWD-3045 Allow a whitelist of automatically-approved sites for CrowdID

          • Closed
          mentioned in

          Wiki Page Loading...

          Activity

            People

              jwalton joe
              jwalton joe
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: