http://openidforum.com/ RSS 2.0 feed of OpenID Forum Software and More to Identify you en IceBB http://getsatisfaction.com/ includes openID
or openID only
then pricing is per mo or yr?
may get only the service of log-in to my site, via other site (facebook, google,...,openID) and nothing more? ]]> http://openidforum.com/index.php?topic=4&pid=6 Tue, 15 Mar 2011 22:02:21 +0100 lse123 6 I'm not sure I can help you, but since I am very interested in "immediate mode" and don't fully understand it, I try anyway, and hopefully we find the answer together.

I went to facebook after reading your post, because I knew, fb is using immediate mode.

If you can't imagine how the immediate mode can be usefull, then read this: http://www.insidefacebook.com/2009/05/18/facebook-launches-openid-support-users-can-now-login-with-a-gmail-account/ , especially the part about "it’s important for us not to send them off to a site and have a bad experience".

Now if you go to facebook.com and turn on some sniffer, e.g. wireshark, you may see what requests are issued...your browser issues openid auth requests to all openid accounts, which are associated with your fb account (accounts which you linked to fb under settings). I use/linked myopenid.com and my browser issues following request:
GET /server?openid.assoc_handle=%7BHMAC-SHA1%7D%7B4b1d73a2%7D%7BsDOQdg%3D%3D%7D&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_immediate&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.ui=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fui%2F1.0&openid.realm=https%3A%2F%2Fwww.facebook.com%2F&openid.return_to=https%3A%2F%2Fwww.facebook.com%2Fopenid%2Freceiver.php%3Fprovider_id%3D1010459836373%26protocol%3Dhttp%26context%3Dbackground_login%26request_id%3D1&openid.ui.icon=true&openid.ui.mode=popup HTTP/1.1
Host: www.myopenid.com
...

The immediate mode presumes, that i am logged in at myopenid.com and since my browser is issuing the request, myopenid checks my cookies and should know it's me. Second prerequisite is, that i approved for fb to make immediate requests, so none approval is neccessary and mopenid responses with an authentication response (basically just "yes" or "no"), though I'm not sure about how this response is then associated with the fb window. i'd like to know, how exactly fb gets the response from myopenid.com. I guess it's an ajax request and the response can be then parsed by js and send to fb in another ajax request, fb then sees if the response was positive and checks signature. if it is valid, fb redirects you with javascript to your account as a 'logged in' user. but keep in mind, that i only assume it works this way!

I hope it was at least a little helpful!

regards,
sovo ]]> http://openidforum.com/index.php?topic=3&pid=5 Thu, 17 Dec 2009 00:13:48 +0100 sovo 5
I think I clearly got the concept of OpenID-Authentication-2.0. But while thinking of the Authentication-Request-Response process I really can not imagine how "immediate requests" can be useful.

This kind of request works without user interaction. What happens in the end is to my understanding that the RP checks the user claimed identifier without verifying the user's identity. Maybe he has already checked the identity but why should he afterwards check the identifier again? To make sure that the user still exists without bothering him again with some authentication/identification process? I don't get it.

So, it would be nice to have a little discussion about this or better: an expert answere :)

Greetings,
zeitgeist09 ]]> http://openidforum.com/index.php?topic=3&pid=4 Fri, 04 Dec 2009 15:31:16 +0100 zeitgeist09 4
OpenID Authentication provides a way to prove that an end user controls an Identifier. It does this without the Relying Party needing access to end user credentials such as a password or to other sensitive information such as an email address.

OpenID is decentralized. No central authority must approve or register Relying Parties or OpenID Providers. An end user can freely choose which OpenID Provider to use, and can preserve their Identifier if they switch OpenID Providers.

While nothing in the protocol requires JavaScript or modern browsers, the authentication scheme plays nicely with "AJAX"-style setups. This means an end user can prove their Identity to a Relying Party without having to leave their current Web page.

OpenID Authentication uses only standard HTTP(S) requests and responses, so it does not require any special capabilities of the User-Agent or other client software. OpenID is not tied to the use of cookies or any other specific mechanism of Relying Party or OpenID Provider session management. Extensions to User-Agents can simplify the end user interaction, though are not required to utilize the protocol.

The exchange of profile information, or the exchange of other information not covered in this specification, can be addressed through additional service types built on top of this protocol to create a framework. OpenID Authentication is designed to provide a base service to enable portable, user-centric digital identity in a free and decentralized manner.

Complete document here. ]]> http://openidforum.com/index.php?topic=2&pid=3 Mon, 11 Aug 2008 01:01:33 +0200 okID 3 OKid.ME

Usage username.okid.me in any OpenID enabled website.

At the Prompt enter your username and password. Once you have logged in, your credentials are good for any other OpenID website you visit.

To Delete your secure session @ public terminals etc, close the browser window. :D ]]> http://openidforum.com/index.php?topic=1&pid=2 Fri, 08 Aug 2008 07:02:13 +0200 Shaman 2