OpenID#

External sources#

openid4javaopenid4java APIInteresting article on ServerSide.com
A Recipe for OpenID-Enabling Your SiteBeginners GuideAttribute types
OpenID enabled sites Public OpenID providers-
The OpenID book(info)OpenID demo build-

Questions I currently have.#

  • Who decides, and how, which OP to use for authentication, is it the OpenID-enabled website, or is the user logging in (I would guess the first one)
    • answer: -
  • If the website decides which OP to use, can you configure multiple OP's, and an order ?
    • answer: Nope, the user's OpenID URL points to a webpage, this page contains the following HTML element: 
<link rel="openid.server" href="http://www.myopenid.com/server" />
<link rel="openid2.provider" href="http://www.myopenid.com/server" />
This determines where the consumer should ask for authentication.
  • Can the consumer control which OP's to allow and which ones not. (you could operate your own malicious OP , ne ?)
This page (revision-10) was last changed on 23-Apr-2022 17:05 by HarryMetskeTop