[OpenID] openid in a non-distributed situation?
Gábor Farkas
gabor at nekomancer.net
Wed Jul 18 20:26:55 UTC 2007
hi,

i'm trying to implement a single-signon system for an intranet-solution,
and had the idea that maybe openid would help there.

i understand that it's not what openID is meant for, but i thought it
maybe could work in this situation.

my situation is the following:

- i have several web-applications on the intranet, currently all of them
doing their own sessions/authorizations etc.
- i would like to do some kind of single-signon there, so that the users
would only need to login once, and then 'stay' logged in on every server.

i understand that the usual workflow with openID is:

1. the user goes to one of the web-apps
2. the user enters his openID
3. the user is forwarded to the openID-provider where he somehow
authenticates himself and is then returned to the web-app
4. the user is logged in to the web-app

this workflow is also fine for me, except:

A. i have to make sure that the users only have to enter their username
as the openID, and then the user is always forwarded to our internal
"openid-provider".
B. in this workflow, you enter your username (well, openID) at step-2,
and your password at step-3. i would really like to allow the user to
enter both at the same page, but i can live without that.

so, does it make sense to try something like this?

P.S: i know that there are other solutions, specially meant for my problem
(like CAS, etc.), but my problem with them is that they usually only
have one implementation. openid, on the other hand, has lots of them.

thanks,
gabo
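
Requirement A in the message above (users type only a username and are always sent to the internal provider) can be handled on the web-app side by deriving the identifier from the username instead of running discovery on user input, and by rejecting any response that names a different provider. The Python below is an added example, not part of the original message; it assumes OpenID 2.0 parameter names, and the hostnames, paths and function names are hypothetical.

```python
import re
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed values for illustration; none of these come from the original post.
OP_ENDPOINT = "https://sso.intranet.example/openid/server"
IDENTITY_BASE = "https://sso.intranet.example/id/"
OPENID2_NS = "http://specs.openid.net/auth/2.0"
USERNAME_RE = re.compile(r"[a-z0-9][a-z0-9._-]{0,31}")


def identifier_for(username: str) -> str:
    """Map a bare username to the identifier hosted by the internal provider."""
    name = username.strip().lower()
    if not USERNAME_RE.fullmatch(name):
        raise ValueError("not a valid intranet username")
    return IDENTITY_BASE + name


def build_auth_redirect(username: str, return_to: str, realm: str) -> str:
    """Step 3: redirect URL to the fixed provider; no discovery on user input."""
    ident = identifier_for(username)
    params = {
        "openid.ns": OPENID2_NS,
        "openid.mode": "checkid_setup",
        "openid.claimed_id": ident,
        "openid.identity": ident,
        "openid.return_to": return_to,
        "openid.realm": realm,
    }
    return OP_ENDPOINT + "?" + urlencode(params)


def pinned_username(response_url: str, return_to: str):
    """Return the username if the response names only our provider, else None."""
    # Signature and nonce verification are still required; not shown here.
    q = {k: v[0] for k, v in parse_qs(urlsplit(response_url).query).items()}
    claimed = q.get("openid.claimed_id", "")
    ok = (
        q.get("openid.mode") == "id_res"
        and q.get("openid.op_endpoint") == OP_ENDPOINT
        and q.get("openid.return_to") == return_to
        and claimed.startswith(IDENTITY_BASE)
    )
    if not ok:
        return None
    name = claimed[len(IDENTITY_BASE):]
    return name if USERNAME_RE.fullmatch(name) else None
```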