openid

Integrating OpenID in web site without using Local Database User Registration

I have local table for user accounts UserID(nvarchar),Password,email, lastname roles etc. Now UserID is used in every child tables.I want to enable OPENID registration at the moment in my site , and will integrate local user registration functionality later.Should i Insert openid-claimidentifier into local user account (USERID column...

Confusion on using django socialauth

http://github.com/uswaretech/Django-Socialauth/tree/master/socialauth/ I'm a bit confused on how I should use this. Of course, I read the notes at the bottom but I'm a Django novice so I'll need a little hand holding. The structure of this looks like a project structure since it contains a urls.py but I'm also aware that applications ...

OpenID Simple Registration (sreg) vs. Attribute Exchange (ax)

What is the relationship between the OpenID sreg and ax extensions? How does a relying party know which one to request, or both? ...

provider discovery url in windows live id

Microsoft has announce that WindowsLiveID become a OpenID provider. I want implement it in my application but I can't find the provider discovery URL. In blog post they call about live.com but it's doesn't works. Anyone know this provider discovery URL ? ...

Authentication mechanism comparison

I have to start a new project where user authentication/management will be required. A lot of websites use existing authentication mechanisms like facebook/twitter/openID/google/etc (even SO). While I might understand that they are used to simplify some parts of this workflow can someone enumerate the pluses and minuses of using one o...

OpenId + Facebook Connect

Hi! I have a request for implementing a login system using local credentials + openId + facebook-connect. So a user could sign up/sign in using any of the 3 possibilities. I think that allowing OpenId AND facebook connect adds some flexibility in one had, but in other hand adds some restrictions since you have to integrate all differen...

Best Practices For Secure APIs?

Let's say I have a website that has a lot of information on our products. I'd like some of our customers (including us!) to be able to look up our products for various methods, including: 1) Pulling data from AJAX calls that return data in cool, JavaScripty-ways 2) Creating iPhone applications that use that data; 3) Having other we...

Is OpenId easier or harder for users?

I'm wondering if I should use OpenId for my website. My first exposure to OpenId was StackOverflow, and I found it confusing that they only had a login link, yet no register link. Now that I've learned about OpenId though I prefer it over the regular way of registration. I have a feeling that only a small percentage of the internet us...

How do I extract Info associated with any OpenID provider?

OpenID providers like GOogle,Yahoo etc also stroes user info like Name,email etc. Is it possible to retrieve it by using OpenID Selector(http://code.google.com/p/openid-selector/)? If yes then how do I fetch it? is the OpenID URL same every time when a user logs in? if yes ten may I store that handler in DB? I am using PHP. ...

Django openid authentication with google

Hello I am looking into authenticating via google. I dont understand how it works:http://code.google.com/apis/accounts/docs/OpenID.html#Samples If i do that 2nd request by entering the data as one url with params into browser i get back XML file. Should i not get back sample response nr3? Can somebody explain this to me? The problem ...

Why my Google endpoint is always the same?

always: https://www.google.com/accounts/o8/ud i got wordpress openid ok. so i think is is just discovery phase got some probelms.. <?php $ch = curl_init(); $url = 'https://www.google.com/accounts/o8/id'; $url = $url.'?'; $url = $url.'openid.mode=checkid_setup'; $url = $url.'&openid.ns=http://specs.openid.net/auth/2.0'; $url = $u...

Active Directory as OpenID provider?

Can an Active Directory be used as a OpenID provider? WIF is an option, but it's quite complicated and not very widespread. ...

Retrieve OpenId FullName from Google

I'm using DotNetOpenAuth lib to work with Google(only) OpenId. And I'm retrieving Email without any problem. But I can't get FullName, it is always null. request.AddExtension(new ClaimsRequest { Email = DemandLevel.Require, FullName = DemandLevel.Require }); ClaimsResponse claimsResponse = rel...

JanRain OpenID in PHP SREG?

I setup the demo with a modified login I found called open-id selector. the login works fine and the identity url comes back, but the SREG data I ask for is never populated, required or optional. I am logging into my page with a gmail account. Here is the code from my try_auth.php that I edited $sreg_request = Auth_OpenID_SRegRequest::b...

JanRain PHP OpenID: How to check if a provider supports AX programmatically?

Ok, my problem is that some providers support SREG and some support only AX I need to know how it is that I can request from the provider which methods they support.. I tried looking through the documentation here http://openidenabled.com/files/php-openid/docs/2.1.3/ but I didn't see anything. ...

DotNetOpenAuth RelayParty not working on load balanced cluster

We're trying to move an ASP.NET MVC application, which uses DotNetOpenAuth OpenID Version 3.4.1, from a single server web garden to a physical server cluster held behind a hardware load balancer. Our old setup (OpenID RP working): Browser => SHTTP => Server => WebGarden => Nonce/Session Store Our new setup (OpenID RP not working): Br...

OpenId with Desktop Application ?

We're using an API from a provider; in their next version, they would provide an OpenId server but mostly the users are using their desktop application. An other website we're building would be opened from this application and we supposedly would connect with openid to access the resources stored in this provider. Still I don't understa...

OpenID and Authlogic - login and password?

How can I get rid of validation messages telling me that: Login is too short (minimum is 3 characters) Login should use only letters, numbers, spaces, and .-_@ please. Password is too short (minimum is 4 characters) Password confirmation is too short (minimum is 4 characters) this happens even before map_openid_registration is called,...

How do DotNetOpenAuth whitelist and blacklists work?

Does anyone have any documentation on DotNetOpenAuth and the way it handles while lists and black lists? My config <untrustedWebRequest> <blacklistHosts> <add name="*" /> </blacklistHosts> <whitelistHosts> <add name="www.mysite.ca" /> <add name="mysite.ca" /> <add name="devel...

Same OpenID code working on 1 server not working on another

We implemented OpenID for Google Marketplace on this online hosting and it worked perfectly fine. But its not working on another server which DOES NOT have cPanel unlike the online hosting. Its failing authentication with this message: "Nonce already used or out of range" Does anyone have any idea what could be causing this problem? ...