have anyone tried this, create openid4j servlet and try authenticate with google openid? i tried it and fail and so want to get confirmation from you all. i able to authenticate with yahoo_email and myopenid.com
A:
Well, right now I'm logged in as a Google openid account. The trouble is that they have supported a strange blend of OAuth and OpenID, so I don't know how one would implement it on one's own servers. At least for Stack Overflow, my OpenID URL is www.google.com/accounts/o8/id, without the comma, obviously.
Fat Lotus
2009-07-07 16:01:13
They do support an OpenID+OAuth hybrid extension to OpenID, but that's irrelevant to raw OpenID. Your OpenID URL isn't `www.google.com/accounts/o8/id` either... that's just the OP Identifier. You're OpenID URL from Google is actually much longer and hash-looking than that.
Andrew Arnott
2009-07-07 17:15:52
+3
A:
I don't have personal knowledge of openid4j, but I can't imagine they wouldn't support Google's OpenID. Google OpenID is just standard OpenID 2.0, although they have a few notable differences in normal behavior that you should be aware of:
- You should kick off authentication by supplying the URL
https://www.google.com/accounts/o8/idinstead of justgmail.comorgoogle.comsince Google hasn't made those simple domain names OP Identifiers yet. - They don't support delegation, and you cannot start an authentication using a user's claimed_id. Only OP Identifiers work.
- If the user clicks "Always remember me" for the site during login, Google won't supply any AX attribute values to the RP on subsequent logins (the RP must store the initially received values).
Andrew Arnott
2009-07-07 17:14:50