[TYPO3-core] RFC #9474: Integrate OpenID authentication support to TYPO3

[Dmitry Dulepov]

Hello!

I'd like to comment on one issue to prevent harm.

Oliver Hader wrote:
> * Why is the final FE user authentication implemented to use AJAX and is
> there a complement in the back-end?

There is no AJAX there. Here is what Wikipedia says about AJAX:
"With Ajax, web applications can retrieve data from the server
asynchronously in the background without interfering with the
display and behavior of the existing page". Nothing like that
happens in OpenID extension.

I think the confusion happens because OpenID extension uses eID
TYPO3 feature to receive response from the OpenID provider. eID is
not related to AJAX. It is often used for AJAX calls but it has no
direct relation to AJAX at all. It can be used for any purpose if
full initialization of TYPO3 Frontend is not necessary.

The reason for using eID in the OpenID is quite simple. TYPO3
requires certain parameters for user authentication and extra
parameters for the OpenID authentication. These parameters are
firsts passed to the OpenID provider, who sends them back to the
requesting server after authentication. If all this
<strike>shit</strike> stuff in the URL is sent to the real page, it
will look very ugly and puzzling to the user. Using eID hides these
details, gives more comfort to the user and provide a clean page URL
after user is authenticated.

I assure that I spent quite a lot of time before the Hackontest
planning this feature and thinking how to implement it most
effectively and user–friendly. I was sure it will pop up at
Hackontest, so I was ready. And I did it the best possible way.

There are some thing that could be enhanced (like using database for
storing data) but this is not required for actually using eID in
TYPO3. The extension and framework behind it ensures secure OpenID
authentication for both Frontend and Backend. If someone doubts it,
I suggest to spend at least half time that I spent learning OpenID
and how to work with it. Questions will clear up.

-- 
Dmitry Dulepov
TYPO3 translations support
My TYPO3 book: http://www.packtpub.com/typo3-extension-development/book
In the blog:
http://typo3bloke.net/post-details/max_os_x_use_php_help_in_chm_format/