Hello fellow XWikiers,
In the Google Apps world, we would like to make it possible to allow Wikis whose admin has checked the “prevent checkbox” (Prevent unregistered users from viewing pages, regardless of the page rights) to use Google-based login.
This fails currently, because a call to /jsx/GoogleApps/JSExtension
is also prevented.
It would also fail for any bounce URLs (e.g. a request to login which needs to redirect to an external site, and a redirection back from the external site that would log-in the user).
I believe that the inclusion JS-extensions (and style extensions) and the existence of bounce URLs are actually common to many other login extensions: OpenID would certainly be one.
Do you, developers of a login-extension, share this view?
By this thread, I would like to get a common-vision on how to adapt our login-application to this checkbox and make sure that the developers of other such extensions can take advantage of it. I would summarise the result of this discussion in a design page.
paul
PS: A workaround is to use prevent-rights (or, similarly, some view rights for groups where xwikiguest is not) but the sense of the checkbox is then not there anymore: It is more trustable than rights that can be done.