openid

OpenID support for Ruby on Rails application

What is current state of the art for enabling OpenID login in Ruby on Rails applications? This is a community wiki with up-to-date answers to this question. Authlogic The most advanced authentication solution seems to be Authlogic. It supports OpenID with Authlogic OpenID plugin. It supports Rails 3.0 and 2.x. You may want to watch...

OpenID login workflow?

When someone logs into a site using Open ID, what goes on behind the scene? can someone explain to me the work flow/steps of what happens during a typical login from a partner open ID site? (like this site) i.e. when I login at myopenid, what is passed into this site? how does SO know it was a correct login? ...

PHP Tutorial for OpenId and OAuth

Is there a good tutorial for implementing OpenId and OAuth together in PHP? All of the OpenId tutorials I've seen on the official OpenId site haven't been as helpful or as simple as they could have been. I don't think I've seen any tutorials on using both of them together. (For OpenId, I'd want to be both a provider and a consumer.) If t...

OpenID Migration

I'm curious about OpenID. While I agree that the idea of unified credentials is great, I have a few reservations. What is to prevent an OpenID provider from going crazy and holding the OpenID accounts they have hostage until you pay $n? If I decide I don't like the provider I'm with this there a way to migrate to a different provider wit...

how to get login credentials by openId?

Is is possible to get login credentials such as name/id if user does login by openId ...

OpenID providers - what stops malicious providers?

So I like the OpenID idea. I support it on my site, and use it wherever it's possible (like here!). But I am not clear about one thing. A site that supports OpenID basically accepts any OpenID provider out there, right? How does that work with sites that want to reduce bot-signups? What's to stop a malicious OpenID provider from s...

What is the value of href attribute in openid.server link tag if Techorati OpenID is hosted at my site?

I want to log in to Stack Overflow with Techorati OpenID hosted at my site. http://stackoverflow.com/users/login has some basic information. I understood that I should change <link rel="openid.delegate" href="http://yourname.x.com" /> to <link rel="openid.delegate" href="http://technorati.com/people/technorati/USERNAME/" /> but i...

What are some good OpenID libraries?

I was thinking about using OpenID for I site I am building and was wondering if any libraries or scripts exist for making OpenID easier to implement. (Why reinvent the wheel?) I was planning on using PHP for the site because it is going to be fairly simple and small, so a php script would be ideal. But any language would be great. Than...

Where can I find some up to date information on OpenID authentication with rails?

The question says it all. I can't seem to find any recent rails tutorials or whatever to set up an OpenID authentication system. I found RestfulOpenIDAuthentication but it's so much older than the vanilla Restful Authentication and the docs don't even mention Rails 2 that I am pretty wary. Does anyone have any tips? I'd like to do wh...

Is there a OpenID provider in Europe?

Does anybody know a Europe-based provider for OpenID? I am not using one of the well-known bigger services (Yahoo,..). ...

How is OpenID implemented?

How would you design and implement OpenID components? (Was "How does OpenId work") I realize this question is somewhat of a duplicate, and yes, I have read the spec and the wikipedia article. After reading the materials mentioned above, I still don't have a complete picture in my head of how each step in the process is handled. Maybe...

Using OpenID as a login for my website - redundant providers

How do I support redundancy on my OpenID login website? For instance, I have users that demand 100% uptime (yeah, right, but let's get as close as we can). Some of them use less available providers (ie, myphpid on their own website, or an ID on a startup which has frequent downtime). Now I can shuttle them to a more reliable provider...

OpenID Over SSL with self signed certificate

I setup my own open id provider on my personal server, and added a redirect to https in my apache config file. When not using a secure connection (when I disable the redirect) I can log in fine, but with the redirect I can't log in with this error message: The underlying connection was closed: Could not establish trust relationship for...

What's the best way to add tags to the head in Plone?

I want to add the link tags to redirect my web-site to my OpenID provider. These tags should go in the head element. What's the best way to add them in Plone? I understand that filling the head_slot is a way to do it, but that can only happen when you are adding a template to the page and that template is being rendered. In my case I'm ...

How to address OpenID providers downtime?

OpenID is all good... UNTIL the provider goes down. At that point you're potentially locked out of EVERYTHING (since you jumped on the bandwagon and applied OpenID everywhere you could). This question came up because I can't, for the life of me, login with my myopenid.com provider. :-( ...

Can I use OpenId with the ASP MembershipProvider?

I have a ASP.Net 2.0 website that is currently using a custom MembershipProvider and the standard login control. I would like to replace the login control with the one from DotNetOpenId. I override the ValidateUser which checks the username and password, but I shouldn't need to implement this when using OpenId. Is it possible to use O...

OpenID retrofitting and can I trust where sensitive data is involved?

I am considering adding OpenID to our customer facing admin and control panel areas... 1 - Associating OpenID's With Existing Accounts For customers that already have accounts with us, I'm thinking they would need to login using their existing account number that we issue and then I'd have a mechanism to associate their OpenID with tha...

How do you develop against OpenID locally

I'm developing a website (in Django) that uses OpenID to authenticate users. As I'm currently only running on my local machine I can't authenticate using one of the OpenID providers on the web. So I figure I need to run a local OpenID server that simply lets me type in a username and then passes that back to my main app. Does such an Op...

Are there any security risks associated with me using OpenID as the authentication method on my site?

Is OpenID a secure method of authentication users on a website? And, if not, what are the security risks associated with OpenID? ...

OpenID authentication error.

When I try to login to this site using my yahoo openid, it takes me to the yahoo site, I click "continue" meaning that i want to send my authentication details to stackoverflow.com and stackoverflow.com gives me the following error underneath the login text field: Unable to log in with your OpenID provider: failed to authenticate, retu...