[jdev] "Add Account"URI?

Marcel Waldvogel marcel.waldvogel at uni-konstanz.de
Thu Nov 3 20:05:36 UTC 2016


Peter,
I completely agree. Writing down passwords anywhere is a bad idea, but
I think the benefits greatly outweigh the risks in this case:




















-- 
-Marcel
On Do, 2016-11-03 at 12:17 -0600, Peter Saint-Andre wrote:
> On 11/3/16 9:04 AM, Marcel Waldvogel wrote:
> > 
> > Hi,
> > 
> > we're looking into using XMPP together with (passwordless) single
> > sign
> > on mechanisms such as Shibboleth (SAML).
> > 
> > As most (all?) clients only support password authentication, this
> > cannot
> > be used directly. Implementing Shibboleth is also not trivial, so
> > it is
> > unlikely we can convince a large portion of the developers to do
> > so.
> > 
> > We are therefore looking into creating per-application passwords on
> > a
> > web page. To make this easy, it would be nice if applications were
> > to
> > supported a URI like xmpp:romeo at montague.net?addaccount;password=Ju
> > l13t
> > <file://romeo@montague.net?addaccount;password=Jul13t>, as an
> > extension
> > to XEP-0147.
> > 
> > This would be much easier to implement and would — for the user —
> > make
> > adding an account almost as simple as native SSO support.
> > 
> > What do you think?
> Putting passwords in URLs is a bad idea. :-)
> 
> Peter
> 
> 
> 
> _______________________________________________
> JDev mailing list
> Info: https://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20161103/32fc6303/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6431 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20161103/32fc6303/attachment-0001.bin>


More information about the JDev mailing list