Community
Participate
Working Groups
It would be great if the Gerrit Connector supported OpenId as a method of authentication.
Makes sense. Should be a matter of sending credentials to the corresponding Gerrit service.
OpenID protocol description: http://code.google.com/apis/accounts/docs/OpenID.html.
Pushed a review here: I5bb086b2: support openid for login to gerrit http://review.mylyn.org/#change,17
OpenID support is now available.
Created attachment 202931 [details] mylyn/context/zip
Created attachment 203114 [details] repository dialog
Created attachment 203115 [details] authentication dialog
Nice work Steffen, this works really well. I have a concern about the login dialog however: Normally when OpenID login is presented in a browser, the user can verify the authenticity of the login page from the browser address bar, and know if it's secure from the "lock" icon. I didn't notice any such information provided via the login dialog. This authenticity feedback is part of what makes OpenID work -- I suspect that users may be reluctant to enter their username and password if they're not sure where the web page originated from. Did I miss something, or is this an issue that should be addressed?
I don't know to what extend the Eclipse browser API supports that type of validation but it sounds sensible. Please feel free to file a bug to suggest that as an enhancement.
Created attachment 212023 [details] screenshot
Created attachment 212024 [details] screenshot