[TYPO3-core] State of TYPO3 OpenID
Dmitry Dulepov
dmitry.dulepov at gmail.com
Tue Jul 9 17:14:24 CEST 2013
Hi!
Michael Stucki wrote:
> Actually it's not. If you provide an OpenID server for your employees,
> then you can whitelist this server and have accounts created
> automatically if they are missing.
The goal of the OpenID ext was not like that. The goal was to use OpenID
for *existing* accounts only. That was a decision made at the time of
development, which was a Hacontest-2006 :)
In my opinion, creation of accounts is not always safe, so it should not be
a part of the stock openid ext. It should be separate. If somebody wants
this, he should have one more small obstacle on his way before he makes a
possible mistake.
--
Dmitry Dulepov
More information about the TYPO3-team-core
mailing list