+1<div><br></div><div>Hemal, people who ask for this usually misunderstand OpenID fundamentally. It can't protect what you likely are trying to protect with it. OAuth may be your answer though.</div><div>--<br>Andrew Arnott<br>
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Fri, Jan 28, 2011 at 8:37 AM, Matthias-Christian Ott <span dir="ltr"><<a href="mailto:ott@mirix.org">ott@mirix.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">On Fri, Jan 28, 2011 at 09:59:43AM +0530, Hemal wrote:<br>
> My requirement is to receive an OpenID authResponse from a java class<br>
> without using a web browser. With the help of openid4java i was able to<br>
> receive authResponse by writing a servlet.<br>
><br>
> There when the user enters his openid, browser will be redirected to the<br>
> openid authentication page (if authentication has not been done during the<br>
> session.). Then after successful authentication by the OpenID provider it<br>
> will redirect to the URL specified by the returnToUrl.<br>
<br>
</div>The end user's user-agent is always redirected to the OpenID provider<br>
by the relaying party in order to verify the end user's identity. But<br>
most providers, which use user names and passwords, don't show a login<br>
page if the end user already logged in during the session.<br>
<div class="im"><br>
> Because of this redirection I am unable for figure out away to receive a<br>
> authResponse from a openid provider without using a browser. Can anybody<br>
> help me in this regards.<br>
<br>
</div>If I understand you correctly, you want to authenticate a end user<br>
without the end user's user-agent, so that end user enters her<br>
identifier in a form and suddenly she is authenticated.<br>
<br>
OpenID can't do that. Roughly speaking, OpenID is designed so that<br>
the end user presents her identifier which she claims to own to the<br>
relaying party (i.e. the website she wants to login into) and the<br>
OpenID provider than checks if the end users owns the identifier and<br>
tells this the relaying party.<br>
<br>
Regards,<br>
Matthias-Christian<br>
_______________________________________________<br>
Code mailing list<br>
<a href="mailto:Code@lists.openid.net">Code@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-code" target="_blank">http://lists.openid.net/mailman/listinfo/openid-code</a><br>
</blockquote></div><br></div>