[OpenID] Fwd: Using OpenID to authenticate at a 3rd party service

frumioj at mac.com frumioj at mac.com
Mon Feb 12 16:25:15 UTC 2007


Hi George,

On Feb 12, 2007, at 10:58 AM, George Fletcher wrote:
>
>
> I can see a lot of application of the SAML specifications (maybe  
> referenced via an artifact) to this problem.  Your web service  
> could then resolve the artifact and have an assertion as to the  
> user, who authenticated the user, additional attributes, etc.

Strangely enough, I actually wrote something up about this in my  
blog ;) See http://appliedlife.blogspot.com/2007/02/ive-been- 
interested-for-while-in.html for details.

>
> I do agree that this is a natural follow on to OpenID's  
> authenticated identifier.

Also agreed.

- John
>
> Thanks,
> George
>
> Chris Richard wrote:
>> I want to expose a web service that relying parties can use on  
>> behalf of users and I'd like to use OpenID to authenticate users  
>> at this service.
>>
>> I'd like to add the service (a new service type) to the user's  
>> XRDS (which already contains an OpenID service) and now the  
>> relying party can find both services it needs. But what should the  
>> communication look like between these four parties (the user  
>> agent, relying party, OpenID service, my web service)? Does the  
>> relying party need to authenticate the user with OpenID first and  
>> then forward the user through my service where the user is again  
>> authenticated and eventually sent back to the relying party?
>>
>> Thanks in advance for any comments.
>> _______________________________________________ general mailing  
>> list general at openid.net http://openid.net/mailman/listinfo/general
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general





More information about the general mailing list