Identity Management

Hacking WordPress Login and Password Reset Processes For My University Environment

Any university worth the title is likely to have a very mixed identity environment. At Plymouth State University we’ve been pursuing a strategy of unifying identity and offering single sign-on to web services, but an inventory last year still revealed a great number of systems not integrated with either our single sign-on (AuthN) or authorization […] » about 1700 words

CAS Is A Standard Protocol, Not A Standard Application

I’m not really part of the Jasig CAS Community (learn more), but I do maintain the wpCAS WordPress CAS client and I’ve started development of a CAS server component for WordPress. That project is on hold because one of the products that I’d expected to integrate with it doesn’t use standard CAS and the vendor […] » about 200 words

Acronym Overload: IIS + ISAPI + CAS

I’m working to integrate an application on a remote-hosted IIS server into our CAS environment. CASisapi (svn trunk or svn tags/production) may do the trick, though Phil Sladen struggled with it (in 2005). There’s reason to doubt it. Not only is the sparse information all old, I first learned about it from a page full of broken links and the apparent author recommends against it. There’s a little more information here for those who can read Danish.

UC Davis’ CAS ISAPI client may be a better solution (it certainly looks easy to install). Builder AU talks about .NET + CAS, and Case Western has a lot of documentation. Only partially related: it looks like World of Warcraft uses CAS.

My DevCamp Lightning Talk

Hi, I’m Casey. I developed Scriblio, which is really just a faceted search and browse plugin for WordPress that allows you to use it as a library catalog or digital library system (or both). I’m not the only one to misuse WordPress that way. Viddler is a cool YouTube competitor built atop WordPress that allows […] » about 400 words

WordPress CAS Integration Plugin

CAS — Central Authentication Service — has no logo, but it’s still cool. Heterogeneous environments like mine offer hundreds of different online services or applications that each need to authenticate the user. Instead of throwing our passwords around like confetti, CAS allows those applications to identify their users based on session information managed by the […] » about 300 words

Will Norris on OAuth and DiSo

Will Norris talking about things OAuth, OpenID, and Diso at WordCamp. Demonstrates/fakes an OAuth authentication and authorization process with WordPress for iPhone app. Does this matter? OAuth support is slated for WP 2.7, and people are finally getting smart about linking all this stuff without throwing passwords around “like confetti.” » about 100 words

Google Pumps OpenID Too

Following news that Yahoo! is joining the OpenID fray, it appears Google is dipping a toe in too. While those two giants work out their implementations, others are raising the temperature of the debate on IDM solutions. Stefan Brands is among the OpenID naysayers (David Recordon’s response), while Scott Gillbertson sees a bright future. Let’s watch the OpenID Directory to see how fast it grows now (count on January 19 2008: 446).

Gravatar Acquired, More Features & Better Reliability Ahead

Matt pointed out that Automattic has purchased Gravatar, the globally recognizable avatar service. Om speaks of the economics and Matt’s cagy, but it’s hard not to see the possibility of creating a larger identity solution around this. WordPress’ market penetration is huge, a service that connects those nearly two million blogs could offer real value, especially in connection with Automattic’s Akismet.

Aside: now that Gravitar’s reliability is up, I’ll probably get Sexy Comments running here soon.