tags:

views:

35

answers:

1
Q: 

How do I link an OpenID provider to multiple databases

Does an OpenID provider need to create his own database or can he use multiple databases(for example when the user creates an OpenID, the user,pass,email are provided from one of those databases). I wouldn't like to create another database containing the info from the others , I would like to write in them the ids and probably some flags that show me when the user is logged or not. To be clear, I have a webmail application and a music download application. When the user is logged into webmail he should only provide the OpenId to the music download application and then should be logged in. If he's not logged in the mail application he should be redirected to the provider (I am using Community ID 1.2.1 written in PHP) where he should provide the user and password from the mail database.

Another question, related to the first: if a user changes his password in one of those databases after he has created an OpenID the id remains usable, right?

A: 

I've come across this issue several years back when I worked for a company that had several online applications but needed 1 login for 1 person to be able to access all 3 websites.

The solution is to create a "master security database" that holds the information you require for successful login. You'd have a couple of tables within that database where the user's permissions are defined in as well, when the user logs in from either the webmail application or the music download application, the security database is checked for valid credentials and you can persist the login through-out (and across multiple sites) by passing something like a salted MD5 hash so that a user only have to login once, and when forwarded to the next website, automatically get logged in.

You can then extend the "user table" you'll have in the security database with a corresponding user table in the specific website database (who doesn't carry an auto-incremented UserID key, but references the security database' key). So in your music application you can store information like "Playlists" or some other demographic type information only used by your music website, same goes for your webmail site.

Combine this with OpenID and you have a very powerful system to use across all your sites only requiring one login.

AcidRaZor  2010-07-26 14:04:16

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases