Ouch, my brain…

I’m in the web development business. I realise fully that consolidating signon stuff is complex and all that but surely, surely, there’s got to be something better than this:

  1. Clicking a login link on Ubuntu wiki to tend to a page.
  2. Being told that the “OpenID verification requires that you click this button”
  3. Being redirected to a form for my username and password.
  4. Being logged in and reaching the SSO profile page with the list of places I’ve logged in to ever. No indication of a “where you tried to log in to” link.
  5. Clicking the wiki.ubuntu.com one because that’s where I was trying to get to.
  6. Getting sent to the front page of wiki.ubuntu.com… logged out.
  7. Clicking the login link, again.
  8. Being told that the “OpenID verification requires that you click this button”
  9. Confirm that the information on the screen is me.
  10. Getting sent back to the wiki.ubuntu.com front page.
  11. Now all I have to do is find the page I was trying to edit.

I’m really hoping this was not normal operation, or I that did something wrong.

Is this really what our new contributors face?

Please say no. Pretty please. With a cherry…

This entry was posted in Unsorted. Bookmark the permalink.

5 Responses to Ouch, my brain…

  1. Now I have to find a wiki page that needs fixing, so I could see if the same thing happens to me.

  2. When I clicked Login, I saw the “OpenID auth requires that you click this button”, but then was redirected to the username+password page before I had time to react.

    Chromium’s latest daily builds appear to have broken password filling, so I had to dig up the password in my keyring.

    After that I got a confirmation page showing my identity info, with a Continue button that redirected me back to the wiki page I wanted to edit.

  3. Stuart Metcalfe says:

    That doesn’t sound like an ideal experience :(

    Here’s what should happen as things stand based on your steps (and how it works for me and others):

    ii: This should be invisible but due to page load times on the wiki and the way the current moin openid plugin works, it’s not. That button should also be submitted using JS if you haven’t turned it off. The same step happens on pretty much every other SSO sign in but it’s usually much less visible (see U1 login, for example).

    iii: This is expected. If you’ve logged in to SSO recently you won’t be prompted to login again.

    iv-vii: This is wrong – you shouldn’t see any of this in an OpenID transaction. I’ve heard of it happening to one other person but we’ve never been able to reproduce it. If you could file a bug on https://bugs.launchpad.net/canonical-identity-provider/+filebug and help us to diagnose/reproduce, that would be great.

    viii: This is expected – I guess you want to see what info’s being shared? We’re working on user-controlled auto-login on Ubuntu SSO which will enable you to remove this step for future logins (not sure on how soon that’ll land though – keep an eye on https://bugs.launchpad.net/canonical-identity-provider/+bug/600583). There’s also an admin option available now to always auto-login for specific sites which we could enable if the feature is wanted (and approved by whoever approves this kind of change on the wiki).

    xi: This is because of the issues you see in steps iv-vii. I don’t experience the same issue when logging in to a sub-page on the wiki.

    Hope that’s useful

    • melissa says:

      Hi Stuart,

      You’ve precisely isolated the bits that seem wrong to me; the rest wouldn’t have stirred a thought previously (the ‘required to click’ button almost always shows for me long enough for me to click it, I didn’t know it was supposed to auto-submit…)

      For the past week, on multiple networks, multiple machines and (since i swap between I cannot remember for sure while I’m home) possibly multiple browsers, I’ve been thrown back to that sso details site. The first time it happened was when logging in to refer to notes in ubuntu one. It happened a few times and I honestly didn’t know it was a bug nor have I had the chance to research much. At one point, I even logged out of ubuntu one (I think it was the ubuntu one site, anyway) to have an sso screen tell me that I was logged out but it couldn’t log me out of ubuntu one… could this be related?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>