Closed
Bug 754926
Opened 12 years ago
Closed 11 years ago
BigTent tracking - ProxyIdP for Persona
Categories
(Cloud Services :: Server: Identity, defect)
Cloud Services
Server: Identity
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: ozten, Unassigned)
References
Details
(Whiteboard: [qa+])
This is the tracking bug for https://wiki.mozilla.org/Identity/BrowserID/BigTent
Updated•12 years ago
|
Whiteboard: [qa+]
Comment 1•12 years ago
|
||
The only feature the native ID implementation will need from BigTent is to be able to query for which domains are supported by the ProxyIDP. We need this to restrict navigation to just that domain in the login window (in the secondary case, navigation is tied to browserid.org/persona.org and anything else is disallowed). If there is some reason not to expose the domain list, we could also simply keep two hardcoded lists in the client & server, but that's a bit more ugly.
Comment 2•12 years ago
|
||
Hi :anant, could you clarify exactly what information you need? In particular, I'm thinking that the email domain may not match the domain that gets loaded by BigTent. (Hotmail users, for instance, auth on a subdomain of live.com, not hotmail.com). We also can't prevent proxied IdPs from arbitrarily redirecting users, and I'm not sure we can fully enumerate valid domains beyond the first redirect. (Windows Live, at the very least, sends the user through two subdomains of live.com, and I'd expect that to change with the retirement of the Windows Live brand.) I imagine we could either provide a list of proxied email domains, or a list of valid initial redirect domains, but I'm not sure we can put together a comprehensive whitelist.
Comment 3•12 years ago
|
||
Should this be closed as a dupe of Bug #757983 or vice versa? There are more bugs hanging off of 757983...
Reporter | ||
Comment 4•12 years ago
|
||
Bug#757983 is for Ops. This bug is for the overall project.
Updated•12 years ago
|
Reporter | ||
Comment 5•12 years ago
|
||
Just a status update: The scope of the first release has been narrowed to Yahoo.com only. Based on our research, this is the smallest of the 3 providers and will allow us to gain experience with this new architecture before enabling others.
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•