views:

87

answers:

2

Referencing http://stackoverflow.com/questions/1827997/is-facebook-an-openid-provider here. This is kind of an additional question based on it.

I have also read the article at : http://stackoverflow.com/questions/2264266/what-is-the-openid-url-of-facebook - but I am still pretty confused on the whole ordeal. The goal is for people who use facebook to easily login to our website, not to neccessarily integrate with facebook and add things to it (yet). I have read the documentation on facebook connect and am still having trouble grasping exactly what we need to do to accomplish this.

I notice that it says that facebook accepts openid logins - so in theory someone with a facebook account could login to a site that took other openid logins, correct? Or do I have to code a separate 'facebookconnect' system just to accept logins from facebook accounts?

+2  A: 

There is a difference between an OpenID provider (who gives you a URL you can log into other sites with) and an OpenID consumer (who lets you log into their site using an OpenID URL).

Someone who "accepts openid logins" sounds like a consumer, but your description "someone with a facebook account could login to a site that took other openid logins" is describing a provider.

There's nothing stopping a site being both a consumer and a provider, but as far as I know, Facebook isn't one.

Gareth
I believe we are aiming to be a consumer. We have implemented a basic DotNetOpenAuth relying party login that takes Google, OpenID, MSN, Yahoo, and AOL so far. The user clicks the button for whichever service they have an account for, is taken to that providers authentication page, and returned to our website logged in.
Stacey
So I'm still unsure of what to do from here. So using OpenId, we cannot let facebook users login to our site?
Stacey
You are right, you cannot. Facebook is not an OpenID provider, so you can't login with Facebook account to Stack Overflow or to your site.
wRAR
+1  A: 

You have to code a separate "Facebook Connect" system just to accept logins from Facebook accounts, they do not use the OpenID standard.

RPX is a commercial service that offers a way to cut down on some of the confusion.

keturn
Unfortunately I haven't been able to get RPX to work. Their examples do not work at all, and I have not been able to find any kind of support.
Stacey
Well, so much for that plan then. I guess you'll be needing to do facebook connect integration. If you've already done OpenID, it shouldn't be too hard. The protocols are different, but many of the necessary workflow elements and abstractions are the same.
keturn