tags:

views:

122

answers:

2

I read this comment in the OpenID post on the stackoverflow blog.

Kibbee says : One nice feature of OpenID that I use is the ability to delegate the openID verification. So I can set up my own domain name, and then put a tiny bit of XML on that page that tells the site (like stackoverflow) to go to some other openid Provider (in my case MyOpenID). The big plus is that I have complete control over my Open ID account. If MyOpenID goes down, I can just switch to another provider. I think anybody who has their own domain name should go for this option.

What is this tiny bit of XML that will allow my server to act as an openid provider/forwarder?

+5  A: 

Its called OpenID Delegation, it allows you to use your domain by forwarding any openid requests to the openid provide of choice.

Here is a guide with example code included.

http://www.windley.com/archives/2007/02/using_openid_delegation.shtml

An example from the guide:

<link rel="openid.server" 
       href="https://www.myopenid.com/server"&gt;
<link rel="openid.delegate" 
       href="http://windley.myopenid.com"&gt;

Edit: Unfortunately I can't use my google openid because they don't provide a server uri :(

John Himmelman
Woah, thanks for the quick response, I'm gonna try this out!
John Himmelman
Well, whatever Google OpenID you're using *has* a server URI, so you can always use that one. That doesn't necessarily mean the provider supports delegation, though. Yahoo, for example, currently always responds with their own claimed_id and ignores the fact that you're trying to use delegation.
keturn
Also, Sam's guide as linked is great, but be sure to see the updates in the comments for openid2. Namely, you want to add `openid2.provider` and `openid2.local_id` items, and/or an `X-xRDS-Location` header.
keturn
@keturn Yea, they don't provide one to the public/typical-google-users. I google'd around for the server uri, but apparently the situation with google's,and yahoo's, delegation support hasn't changed.
John Himmelman
Forget Googling for it, *every* OpenID identifier has to advertise these same URIs, "delegated" or otherwise. Get your OpenID, go to that page, look at the source, the server URI is in there, either as a `link rel` in HTML or a `signon` type `URI` in XRDS.
keturn
@keturn I've tried, the uri is https://www.google.com/accounts/o8/ud but I can't get it to work :/
John Himmelman
+2  A: 

from the StackOverflow Blog: Using your own URL as your OpenID.

Andrew Lewis