OpenID support

[DarTar]

Many users have suggested adding support for  OpenID authentication. I'm opening a ticket to keep track of any development in this sense.

What is OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity.

OpenID starts with the concept that anyone can identify themselves on the Internet the same way websites do-with a URI (also called a URL or web address). Since URIs are at the very core of Web architecture, they provide a solid foundation for user-centric identity.

The first piece of the OpenID framework is authentication -- how you prove ownership of a URI. Today, websites require usernames and passwords to login, which means that many people use the same password everywhere. With OpenID Authentication (see specs), your username is your URI, and your password (or other credentials) stays safely stored on your OpenID Provider (which you can run yourself, or use a third-party identity provider).

To login to an OpenID-enabled website (even one you've never been to before), just type your OpenID URI. The website will then redirect you to your OpenID Provider to login using whatever credentials it requires. Once authenticated, your OpenID provider will send you back to the website with the necessary credentials to log you in. By using Strong Authentication where needed, the OpenID Framework can be used for all types of transactions, both extending the use of pure single-sign-on as well as the sensitivity of data shared.

[JavaWoman]

I definitely want OpenID login for the wiki I'm setting up myself (I'm not even planning to go online with that without OpenID!) - which is why I've already started on (finally!) splitting up the usersettings action into three separate ones: register, login/logout, and usersettings (proper); and for the login/logout action preparing for a framework that will allow various login methods, including (of course) OpenID.

To do this cleanly, we'll need a framework for "code plugins" first, so you don't end up with a lot of code that's specific for various login methods most people might not ever use. And don't forget there are other (possible) login methods as well: they don't all belong in Wikka's core (actions) code.

So the approach I see is:

1. split up usersettings (see #79)
2. create a framework for "code plugins"
3. leverage that combination to make OpenID login possible - as a plugin.

I also think part 1. can be realized in 1.1.7 already - I already have most of the code - though it will need a small extension to the installer as well, to create "system pages" with specific ACLs.