[TYPO3-core] State of TYPO3 OpenID

Dmitry Dulepov dmitry.dulepov at gmail.com
Tue Jul 9 17:14:24 CEST 2013


Michael Stucki wrote:
> Actually it's not. If you provide an OpenID server for your employees,
> then you can whitelist this server and have accounts created
> automatically if they are missing.

The goal of the OpenID ext was not like that. The goal was to use OpenID 
for *existing* accounts only. That was a decision made at the time of 
development, which was a Hacontest-2006 :)

In my opinion, creation of accounts is not always safe, so it should not be 
a part of the stock openid ext. It should be separate. If somebody wants 
this, he should have one more small obstacle on his way before he makes a 
possible mistake.

Dmitry Dulepov

More information about the TYPO3-team-core mailing list