Oooh... I <i>hate</i> when OPs do that. It breaks delegation and can confuse or frustrate RPs that are trying to verify a specific identity.<br clear="all">--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Wed, Dec 2, 2009 at 9:03 PM, Yang Zhao <span dir="ltr"><<a href="mailto:yang@yangman.ca">yang@yangman.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
2009/12/1 russell muetzelfeldt <<a href="mailto:russm-lists-openid-net@slofith.org">russm-lists-openid-net@slofith.org</a>>:<br>
<div class="im">> What I can't figure out how to make work is our own OP so that it will respond to requests against an OP Identifier rather than a user's personal Identifier.<br>
><br>
> All the code samples I've found for OPs assume that the users will be entering their own Identifier at the RP rather than being prompted for both identification and authentication (username/password) at the OP. (Also, I'm new to OpenID and don't really understand any of the XRDS/YADDIS stuff that seems to drive the discovery process.)<br>
<br>
</div>Simply always have your OP ask the user for an identity, and override<br>
the claimed_id and identity fields in the reply on a successful<br>
authentication.<br>
<br>
In a normal flow, these fields will be populated by values determined<br>
during discovery. Override them on response to assert a different<br>
identity.<br>
<br>
Cheers,<br>
<font color="#888888">--<br>
Yang Zhao<br>
<a href="http://yangman.ca" target="_blank">http://yangman.ca</a><br>
</font><div><div></div><div class="h5">_______________________________________________<br>
Code mailing list<br>
<a href="mailto:Code@lists.openid.net">Code@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-code" target="_blank">http://lists.openid.net/mailman/listinfo/openid-code</a><br>
</div></div></blockquote></div><br>