Difference between revisions of "OpenID"

From GeeklogWiki
Jump to: navigation, search
(OpenID support in Geeklog)
 
m (added a link to the GSoC OpenID 2.0 Project)
 
(4 intermediate revisions by the same user not shown)
Line 18: Line 18:
 
To activate OpenID support, go to the Configuration Admin panel:
 
To activate OpenID support, go to the Configuration Admin panel:
  
: Configuration > Users and Submissions > Users > User Login Method[openid]
+
: Configuration > Geeklog > Users and Submissions > Users > User Login Method[openid]
  
 
Set this option to "true", then save the configuration change. When you log out, you will see a new login prompt in your site's User Functions block, below the normal login options:
 
Set this option to "true", then save the configuration change. When you log out, you will see a new login prompt in your site's User Functions block, below the normal login options:
  
 
[[Image:Openid-login.png]]
 
[[Image:Openid-login.png]]
 +
 +
As the "http" suggests, your OpenID is really a URL that you use for the login (hence the need for a separate login prompt). Note that you will '''not''' enter your password on the site you are about to log in to. Instead, you will be taken to your OpenID provider (the place where you registered your OpenID) and enter the password ''there''. So the Geeklog site will never see your OpenID password - it will only get an "okay" back from the OpenID provider if you authenticated successfully.
 +
 +
Once a user has logged in via OpenID, they are just like any other Geeklog user. They can be added to groups, change their profile, do whatever else you allow your users to do on your site. And yes, OpenID users can also be banned.
 +
 +
Users that log in through OpenID are automatically added to the "Remote Users" group.
 +
 +
=== Limitations ===
 +
 +
* Currently, only OpenID 1.1 is supported (the current protocol version is 2.0, but it is mostly backward compatible).
 +
* Geeklog can only act as an OpenID Consumer (i.e. allow login with an OpenID) but not as an OpenID Provider (i.e. provide OpenIDs for use with other sites).
  
  
Line 29: Line 40:
 
* [http://openid.net/ OpenID homepage]
 
* [http://openid.net/ OpenID homepage]
 
* [http://www.geeklog.net/article.php/openid-patch OpenID patch for Geeklog 1.4.1]
 
* [http://www.geeklog.net/article.php/openid-patch OpenID patch for Geeklog 1.4.1]
 +
* [[SoC full openid support|Summer of Code Project: OpenID 2.0 Support]]

Latest revision as of 10:26, 8 May 2009

What is OpenID?

The idea behind OpenID is to get rid of the need to register separately with all the websites out there that require registration before you can use them. Instead of having to keep track of all the different accounts, you can use one login on every website that supports OpenID.

To quote the OpenID homepage:

OpenID eliminates the need for multiple usernames across different websites, simplifying your online experience.
You get to choose the OpenID Provider that best meets your needs and most importantly that you trust. At the same time, your OpenID can stay with you, no matter which Provider you move to. And best of all, the OpenID technology is not proprietary and is completely free.

OpenID is a free and open protocol. It is not owned by any corporation.


OpenID in Geeklog

OpenID support in Geeklog differs slightly from the Remote Authentication support, but only in that it requires a separate login prompt.

To activate OpenID support, go to the Configuration Admin panel:

Configuration > Geeklog > Users and Submissions > Users > User Login Method[openid]

Set this option to "true", then save the configuration change. When you log out, you will see a new login prompt in your site's User Functions block, below the normal login options:

Openid-login.png

As the "http" suggests, your OpenID is really a URL that you use for the login (hence the need for a separate login prompt). Note that you will not enter your password on the site you are about to log in to. Instead, you will be taken to your OpenID provider (the place where you registered your OpenID) and enter the password there. So the Geeklog site will never see your OpenID password - it will only get an "okay" back from the OpenID provider if you authenticated successfully.

Once a user has logged in via OpenID, they are just like any other Geeklog user. They can be added to groups, change their profile, do whatever else you allow your users to do on your site. And yes, OpenID users can also be banned.

Users that log in through OpenID are automatically added to the "Remote Users" group.

Limitations

  • Currently, only OpenID 1.1 is supported (the current protocol version is 2.0, but it is mostly backward compatible).
  • Geeklog can only act as an OpenID Consumer (i.e. allow login with an OpenID) but not as an OpenID Provider (i.e. provide OpenIDs for use with other sites).


Further reading