Feature #35755

Drop OpenID support

Added by Go MAEDA 6 months ago. Updated about 1 month ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:Go MAEDA% Done:

0%

Category:OpenID
Target version:5.0.0
Resolution:Fixed

Description

Redmine currently supports OpenID authentication.

However, OpenId was obsoleted by OpenID Connect some years ago and most OpenID providers discontinued their services. Now it is very difficult to find a web service with an OpenID provider service. This means that it is difficult for Redmine users to start using OpenID login. And it is not easy for us to test if Redmine's OpenID support is working properly.

Given this situation, probably very few users are using OpenID login in Redmine. I think it is time to remove OpenID support from Redmine.

0001-Drop-OpenID-authentication-support.patch Magnifier (125 KB) Go MAEDA, 2021-09-05 09:28


Related issues

Related to Redmine - Defect #35688: OpenIdAuthentication alias_method_chain Closed
Related to Redmine - Defect #32293: Redmine does not start if optional openid gems are not in... Closed
Related to Redmine - Feature #699: OpenID login Closed 2008-02-20
Related to Redmine - Defect #36326: Missing div tag in views page Closed

Associated revisions

Revision 21312
Added by Go MAEDA about 1 month ago

Drop OpenID support (#35755).

Patch by Go MAEDA.

Revision 21314
Added by Go MAEDA about 1 month ago

Remove empty files (#35755).

Revision 21318
Added by Go MAEDA about 1 month ago

Fix a missing closing div due to r21312 (#35755, #36326).

Contributed by Enziin System.

History

#1 Updated by Mischa The Evil 6 months ago

Go MAEDA wrote:

However, OpenId was obsoleted by OpenID Connect some years ago [...]

I hadn't noticed that change.

Go MAEDA wrote:

[...] And it is not easy for us to test if Redmine's OpenID support is working properly.

Well, AFAIK it isn't working OOTB properly at least. And that already for 10(+) years. See #3780, #5966, #11778 and the 'OpenID Fix' plugin by Andriy Lesyuk.

Go MAEDA wrote:

[...] I think it is time to remove OpenID support from Redmine.

I agree. +1. And I think that JPL would wholeheartedly agree too (given the thoughts he expressed at the time in #699#note-14)...

#2 Updated by Holger Just 5 months ago

  • Related to Defect #35688: OpenIdAuthentication alias_method_chain added

#3 Updated by Go MAEDA 5 months ago

Here is a patch to drop OpenID.

#4 Updated by Go MAEDA 5 months ago

  • Related to Defect #32293: Redmine does not start if optional openid gems are not installed added

#5 Updated by Marius BALTEANU 2 months ago

  • Target version set to 5.0.0

Let's drop this.

#6 Updated by Go MAEDA about 1 month ago

  • Status changed from New to Closed
  • Assignee set to Go MAEDA
  • Resolution set to Fixed

Committed the changes. Redmine no longer supports OpenID.

#7 Updated by Go MAEDA about 1 month ago

#8 Updated by Go MAEDA about 1 month ago

Also available in: Atom PDF