identity management

Hacking WordPress Login and Password Reset Processes For My University Environment

Any university worth the title is likely to have a very mixed identity environment. At Plymouth State University we’ve been pursuing a strategy of unifying identity and offering single sign-on to web services, but an inventory last year still revealed a great number of systems not integrated with either our single sign-on (AuthN) or authorization […] » about 1700 words

CAS Is A Standard Protocol, Not A Standard Application

I’m not really part of the Jasig CAS Community (learn more), but I do maintain the wpCAS WordPress CAS client and I’ve started development of a CAS server component for WordPress. That project is on hold because one of the products that I’d expected to integrate with it doesn’t use standard CAS and the vendor of that app has chosen to modify the JASIG CAS server to support their apps.

The standard is the protocol, not the server application, though we probably won’t really understand that until we see more CAS server implementations. Nonetheless, it’s important to keep that point in mind if we we hope to grow the usefulness of CAS.

Acronym Overload: IIS + ISAPI + CAS

I’m working to integrate an application on a remote-hosted IIS server into our CAS environment. CASisapi (svn trunk or svn tags/production) may do the trick, though Phil Sladen struggled with it (in 2005). There’s reason to doubt it. Not only is the sparse information all old, I first learned about it from a page full of broken links and the apparent author recommends against it. There’s a little more information here for those who can read Danish.

UC Davis’ CAS ISAPI client may be a better solution (it certainly looks easy to install). Builder AU talks about .NET + CAS, and Case Western has a lot of documentation. Only partially related: it looks like World of Warcraft uses CAS.

My DevCamp Lightning Talk

Hi, I’m Casey. I developed Scriblio, which is really just a faceted search and browse plugin for WordPress that allows you to use it as a library catalog or digital library system (or both). I’m not the only one to misuse WordPress that way. Viddler is a cool YouTube competitor built atop WordPress that allows […] » about 400 words

WordPress CAS Integration Plugin

CAS — Central Authentication Service — has no logo, but it’s still cool. Heterogeneous environments like mine offer hundreds of different online services or applications that each need to authenticate the user. Instead of throwing our passwords around like confetti, CAS allows those applications to identify their users based on session information managed by the […] » about 300 words

Will Norris on OAuth and DiSo

Will Norris talking about things OAuth, OpenID, and Diso at WordCamp. Demonstrates/fakes an OAuth authentication and authorization process with WordPress for iPhone app.

Does this matter? OAuth support is slated for WP 2.7, and people are finally getting smart about linking all this stuff without throwing passwords around “like confetti.”

Google Pumps OpenID Too

Following news that Yahoo! is joining the OpenID fray, it appears Google is dipping a toe in too. While those two giants work out their implementations, others are raising the temperature of the debate on IDM solutions. Stefan Brands is among the OpenID naysayers (<a href="http://daveman692.livejournal.com/310578.html” title="David Recordon’s Blog - Stefan Chooses to Take the “Fox News” Approach to OpenID Blogging">David Recordon’s response), while Scott Gillbertson sees a bright future. Let’s watch the OpenID Directory to see how fast it grows now (count on January 19 2008: 446).

Gravatar Acquired, More Features & Better Reliability Ahead

Matt pointed out that Automattic has purchased Gravatar, the globally recognizable avatar service. Om speaks of the economics and Matt’s cagy, but it’s hard not to see the possibility of creating a larger identity solution around this. WordPress’ market penetration is huge, a service that connects those nearly two million blogs could offer real value, especially in connection with Automattic’s Akismet.

Aside: now that Gravitar’s reliability is up, I’ll probably get Sexy Comments running here soon.

Reputation Management At Applied Dreams 2.2

Ryan gave me the drop on this presentation by Dave Chiu and Didier Hilhorst where they do an amusingly effective job of explaining the concept of reputation management. It all went down at the conclusion of the Applied Dreams 2.2 project at Interaction Design Institute Ivrea in Milano.

The project brief begins:

Our identities are changing due to our constant exposure to enabling technologies.

Our old physical identities, fixed to a house, an address, a tax number, private, detached, individual, introvert, seem increasingly at odds with our new electronic identities, mobile, self-published, publicly exposed, extrovert, shared, accessible, communal.

Simultaneously, an interconnection between individuals, commercial and authority is leading to the increasing relevance of self-organising, temporary socio-spatial communities and to the creation of micro-economies.

Identity Management In Social Spaces

(note: the following is cross-posted at Identity Future.) Being that good software — the social software that’s nearly synonymous with Web 2.0 — is stuff that gets you laid, where does that leave IdM? Danah Boyd might not have been thinking about it in exactly those terms, but her approach is uniquely social-centered. She proposes […] » about 400 words

IdM Takes Lessons From the Microformats Crowd

A tip from <a href="http://blog.ryaneby.com/">Ryan</a> sent me <a href="http://identityfuture.com/story/idm-microformats-microid/">looking</a> at <a href="http://microid.org/">MicroID</a>: <blockquote>a new Identity layer to the web and <a href="http://microformats.org/">Microformats</a> that allows anyone to simply claim verifiable ownership over their own pages and content hosted anywhere.</blockquote> The idea is to hash a user's email address (or other identifier) with the name of the site it will be published on, giving a string that can be inserted -- in true Microformats style -- as an element of the html on the site. » about 400 words

Identity Management Podcast

Josh Porter and Alex Barnett got Dick Hardt and Kim Cameron on the line to talk about Identity Management. The result is available as a podcast. I should add that Josh and Alex are big on the attention economy and social software, so they’re asking questions about how IdM works in those contexts. Most people […] » about 300 words

NEASIS&T Buy, Hack or Build Followup

I was tempted to speak without slides yesterday, and I must offer my apologies to anybody trying to read them now, as I’m not sure how the slides make sense without the context of my speech. On that point, it’s worth knowing that Lichen did an outstanding job liveblogging the event, despite struggling with a […] » about 600 words

Dick Hardt ‘s Identity 2.0 Presentation

I said “identity management is the next big thing” back in September. That was before I’d seen Sxip founder Dick Hardt’s presentation on Identity 2.0. Zach peeped me the link and told me I wouldn’t regret watching the presentation. He was right. Everybody, especially the people who don’t yet care about identity management, should take a look.

Next Big Thing: Identity Management

I might be overstating it, but Identity Management is the next big thing for the open source community to tackle. That’s why I like Sxip, even though I know so little about it.

There are a number of other solutions stewing, but most of those that I’m aware of are targeted at academic and enterprise users. Wouldn’t it be nice to have some federated system of identity management among blogs?

Yes, IdM is the next big thing, but as an infrastructural technology, it will be invisible when it works.

Here’s another link: The Identity Initiative : iname, FreeID, LID, SXIP, What’s Your Favorite Emerging Digital Identity?