EVE Information Portal

 
  • Topic is locked indefinitely.
8 Pages123Next pageLast page
 

Dev blog: EVE Online SSO and what you need to know

First post First post
Author
C C P Alliance
#1 - 2014-07-03 14:02:01 UTC  |  Edited by: CCP Gargant
Single Sign-On (SSO) is a pretty nifty mechanism utilized for example on the EVE Online support, forum and account management pages. SSO is a way for users to log into one web site using their username and password from another web site.

For the longest time EVE Online SSO was only used on sites operated by CCP, but CCP FoxFour comes with exciting news on how third party sites will be able to use the SSO mechanism in the future.

Currently EVE Online SSO is tested by selected third party sites. Read all about EVE Online SSO on third parties in CCP FoxFour's latest blog EVE Online SSO and what you need to know!

CCP Phantom - Senior Community Developer

Goonswarm Federation
#2 - 2014-07-03 14:11:32 UTC  |  Edited by: Mashie Saldana
Yum yum, SSO.

Ok so when will we have a single login for the EVE server?
Amarr Empire
#3 - 2014-07-03 14:11:45 UTC  |  Edited by: IceGuerilla
We have this total rubbish, but we still can't change characters without relogging? What a load of poppycock.
#4 - 2014-07-03 14:16:34 UTC
poppycock as in caramel glazed popcorn?
C C P Alliance
#5 - 2014-07-03 14:20:49 UTC
Man, missed first post as I was AFK. :(

Anyways, really looking forward to getting the SSO out there and seeing it in more use. :D

@CCP_FoxFour // Technical Designer // Team Tech Co

Third-party developer? Check out the official developers site for dev blogs, resources, and more.

Amarr Empire
#6 - 2014-07-03 14:35:40 UTC
What are the odds of getting a Single Sign-on for multiple Eve accounts for all of these services?

I have more accounts than is practical to switch logins.

For instance, I have 7+ characters I keep track of using Eveboard and zkillboard, would SSO be useful in situations like that?
Caldari State
#7 - 2014-07-03 14:38:19 UTC
Is the "CharacterOwnerHash" (CharacterOwnerHash: "XM4D...FoY=") always the same? So that we can use it for non eve websites as well?

I'm working for a very large company on a brand new web portal and since our main target group are technical focused people we'd love to let them use this portal via eve login. :)

can't delete signature

The Devil's Warrior Alliance
#8 - 2014-07-03 14:45:00 UTC
Vote Steve Ronuken for CSM
#9 - 2014-07-03 14:52:14 UTC
IceGuerilla wrote:
We have this total rubbish, but we still can't change characters without relogging? What a load of poppycock.



Uh, One's extending the login tech that's already in use with CCP (take a look at logging into the community site, the wiki, and the forums), and the other is going through the entirety of the eve client code, looking for code where the assumption was made that the character id wouldn't change.

Teeny difference there.

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

Coalition of the Unfortunate
#10 - 2014-07-03 14:54:21 UTC
I'm really looking forward to this when it becomes publicly available. When I made my EVE website, half the difficulty was going through all the loops to verify users, which relied on sending secret codes as the reason field in ISK donations, due to that being the most rapidly enumerated API.

Was a pain in the ass.
Vote Steve Ronuken for CSM
#11 - 2014-07-03 14:56:08 UTC
In other news:

Woo! I get to turn this on, now that the devblog is out.

Right now, it doesn't add any functionality to my site. It will be used with the little things initiative the CSM is doing. (I just have to finish writing the code for that) along with custom RSS feeds for evebloggers.com (when I write the support for that) and for storing blueprints/various skill levels on my other industry applications (when I write the code. you may notice a theme here)

https://github.com/fuzzysteve/eve-sso-auth is the basis of the code I'm using. Though I'm seriously considering moving the corp/alliance check to the login time, to grab changes 'immediately'. That'll be changed later.

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

Pandemic Legion
#12 - 2014-07-03 14:56:45 UTC
What about Amazon??

I **THOUGHT** I was using SSO to sign on there for like a year now???

Pandemic Legion
#13 - 2014-07-03 14:58:29 UTC
Shane Merol wrote:
What are the odds of getting a Single Sign-on for multiple Eve accounts for all of these services?

I have more accounts than is practical to switch logins.

For instance, I have 7+ characters I keep track of using Eveboard and zkillboard, would SSO be useful in situations like that?



Amazon has you sign on once for each account, then you can select which account thru a drop down menu
Blades of Grass
#14 - 2014-07-03 15:00:50 UTC
ok a few question,

1 - what information if any do the sso site owners get.

2 - when are you going to give us a single log in for eve, just now if you go to the forum you have to log in, go to the account management area log in again same for evelopedia.

Vote Steve Ronuken for CSM
#15 - 2014-07-03 15:12:11 UTC  |  Edited by: Steve Ronuken
cpu939 wrote:
ok a few question,

1 - what information if any do the sso site owners get.

2 - when are you going to give us a single log in for eve, just now if you go to the forum you have to log in, go to the account management area log in again same for evelopedia.




1:
Character id
Character name
a non-reversible hash of your character id, and your account id.


The last is so we can know when a character changes hands. It's not useful for anything else.


2: If you tick the 'remember me' box, it does work that way. It's how pretty much all auth systems work online.

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

Hole Control
#16 - 2014-07-03 15:20:42 UTC
I smell trouble ahead... I wonder how many users will fall prey to account phishing sites? Shocked
Virtus Crusade Protectorate
#17 - 2014-07-03 15:21:28 UTC  |  Edited by: Ms Michigan
So ...my 5 year old nephew with a laptop can break 128 bit encryption with a laptop in 45 seconds. There is that. Just so we are all on the same baseline. I get the whole internet uses it. But just for the lay-man reading my post. Just be aware.

Second....

I get CCP is trying to supplement their talents and reward the talents of others at the same time an this is the "way" to do it, but I am just not seeing how this is anywhere near a good idea.

I get that you told me it is not going through their servers and that you hand off that information to them in the form of Character name...but without looking at the code, and given CCP's past experience with security, I just don't feel comfortable (and I know you won't disclose more, nor should you), with this procedure.

I use it on Facebook because Facebook for me is a total farce and bull$#!t, so I don't care if my stuff get's stolen. Hell Facebook got caught the other day (again) manipulating people's posts...that is how reliable that service is. But this is EVE and my account has trained for years and I pay money.

I think a lot of account info is going to be lost this way. At the very least to spoofing. How many people ACTUALLY read dev blogs, let alone understand them.

Limited - again - I get it.

Just saying.

Either buy these programs and hire these people part-time to work at CCP and bring this stuff on property, or not at all.

My .02 isk.
Vote Steve Ronuken for CSM
#18 - 2014-07-03 15:28:13 UTC
Ms Michigan wrote:
So ...my 5 year old nephew with a laptop can break 128 bit encryption with a laptop in 45 seconds. There is that. Just so we are all on the same baseline. I get the whole internet uses it. But just for the lay-man reading my post. Just be aware.



Citation needed.

Woo! CSM XI!

Fuzzwork Enterprises

Twitter: @fuzzysteve on Twitter

#19 - 2014-07-03 15:33:08 UTC
suddenly I understand why forums.eveonline, secure.eveonline, and community.eveonline require separate logins.
#20 - 2014-07-03 15:41:05 UTC
SSO is the first step for having chat available via API ;)

how to fix eve: 1) remove ECM 2) rename dampeners to ECM 3) add new anti-drone ewar for caldari 4) give offgrid boosters ongrid combat value

8 Pages123Next pageLast page
Forum Jump