BrightSide introduces Persona, a Single Sign On system developed and hosted at Mozilla

New & Noteworthy
16/12/13
Lluis Turró Cutiller
17.575
0
persona

OpenID has been the SSO universally accepted in social networks, once accepted that not everyone using it kwew what was this all about. Persona, formerly BrowserId, irrupted in SSO world with force, simplicity and open sourced. The ingredients seem perfect to atract developer interes.

Sign once, be recognized ever

That's what we expect from an SSO, not being asked every time for our nick name and password. The fact that security is one of the main factors when we sign into a system, may not be so atractive to the final user, but it is to developers. SSO systems are secured with SSL and this is a must have requirement for web based aplications.

BrightSide implementation of Persona

BrightSide allows and recomends using Persona to sign into the system. Major benefits:

  • Sign without password, but with your email. Persona takes care of asking, whether necessary, the Persona password.
  • Verify your identity using your own email.
  • Long term sessions.
  • Sign in and out of web sites separately. Persona remembers where the session was audited.
  • Sign up in less than one minute, manage your account in Persona's site.
  • Single account, multiple web sites.

How it works

Persona site already has multiple examples on different languages. Anyway, I'll publish the source code with the main changes I made to achieve the implementation. I'll also try to provide an easy explanation on how the system works and which security risks you may avoid on your system.

Update: the article about Persona implementation is here Persona implementation using Java, the whole story.

Learn more about Persona at https://login.persona.org.

Comentaris