EVE Information Portal

Single Sign-On (SSO) is a pretty nifty mechanism utilized for example on the EVE Online support, forum and account management pages. SSO is a way for users to log into one web site using their username and password from another web site.

For the longest time EVE Online SSO was only used on sites operated by CCP, but CCP FoxFour comes with exciting news on how third party sites will be able to use the SSO mechanism in the future.

Currently EVE Online SSO is tested by selected third party sites. Read all about EVE Online SSO on third parties in CCP FoxFour's latest blog EVE Online SSO and what you need to know!

We have this total rubbish, but we still can't change characters without relogging? What a load of poppycock.

Man, missed first post as I was AFK. :(

Anyways, really looking forward to getting the SSO out there and seeing it in more use. :D

Is the "CharacterOwnerHash" (CharacterOwnerHash: "XM4D...FoY=") always the same? So that we can use it for non eve websites as well?

I'm working for a very large company on a brand new web portal and since our main target group are technical focused people we'd love to let them use this portal via eve login. :)

Uh, One's extending the login tech that's already in use with CCP (take a look at logging into the community site, the wiki, and the forums), and the other is going through the entirety of the eve client code, looking for code where the assumption was made that the character id wouldn't change.

Teeny difference there.

In other news:

Woo! I get to turn this on, now that the devblog is out.

Right now, it doesn't add any functionality to my site. It will be used with the little things initiative the CSM is doing. (I just have to finish writing the code for that) along with custom RSS feeds for evebloggers.com (when I write the support for that) and for storing blueprints/various skill levels on my other industry applications (when I write the code. you may notice a theme here)

https://github.com/fuzzysteve/eve-sso-auth is the basis of the code I'm using. Though I'm seriously considering moving the corp/alliance check to the login time, to grab changes 'immediately'. That'll be changed later.

Amazon has you sign on once for each account, then you can select which account thru a drop down menu

1:
Character id
Character name
a non-reversible hash of your character id, and your account id.


The last is so we can know when a character changes hands. It's not useful for anything else.


2: If you tick the 'remember me' box, it does work that way. It's how pretty much all auth systems work online.

So ...my 5 year old nephew with a laptop can break 128 bit encryption with a laptop in 45 seconds. There is that. Just so we are all on the same baseline. I get the whole internet uses it. But just for the lay-man reading my post. Just be aware.

Second....

I get CCP is trying to supplement their talents and reward the talents of others at the same time an this is the "way" to do it, but I am just not seeing how this is anywhere near a good idea.

I get that you told me it is not going through their servers and that you hand off that information to them in the form of Character name...but without looking at the code, and given CCP's past experience with security, I just don't feel comfortable (and I know you won't disclose more, nor should you), with this procedure.

I use it on Facebook because Facebook for me is a total farce and bull$#!t, so I don't care if my stuff get's stolen. Hell Facebook got caught the other day (again) manipulating people's posts...that is how reliable that service is. But this is EVE and my account has trained for years and I pay money.

I think a lot of account info is going to be lost this way. At the very least to spoofing. How many people ACTUALLY read dev blogs, let alone understand them.

Limited - again - I get it.

Just saying.

Either buy these programs and hire these people part-time to work at CCP and bring this stuff on property, or not at all.

My .02 isk.

suddenly I understand why forums.eveonline, secure.eveonline, and community.eveonline require separate logins.