[OpenID] Cascade of servers? Is that a valid model?

Miguel Figueiredo fig.miguel at gmail.com
Fri Dec 28 12:33:37 UTC 2007


Hello,

I'm studying the possibility of using OpenID.

My organization's site has hundreds of registered users. Everyone there will
have an OpenID: "username.mysite.org".

My first purpose is to provide Single Sign On for external sites, proving
that those users belong to my organization.

But I also want people already having an OpenID to use it at my site,
without the need of having another password.

Therefore, each user, besides the OpenID provided by my site, can register,
at his site's account, one or more external OpenIDs.

When a user accesses my site he can be authenticated either by username /
password or by one of his external OpenIDs.

When a user accesses a site which is using mine for Single Sign On purposes,
he can only enter the default OpenID, provided by my site. This second site
then connects to my OpenID server -- where the user can use any of his
registered OpenIDs to authenticate himself.

This process is something like:

User enters "username.mysite.org" --> the consumer connects to my server
--> my server might have, for this user, an external OpenID defined --> the
user chooses this OpenID --> my server sends the request to the other server
--> this second server replies OK --> my server then replies OK to the
consumer.

Is this a valid OpenID model?

Are there other ways allowing a consumer to know that a certain OpenID
belongs to a valid user at my site, although its OpenID's server is
elsewhere?


Thank you,


Miguel
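
The cascade described in this message, sketched as an added example that is not part of the original post: it shows the checks the middle server would have to make before relaying "OK" to the consumer. HMAC-signed dictionaries stand in for OpenID messages (this is not the OpenID wire format), and all keys, nonces, URLs and function names are constructed for illustration.

```python
import hmac, hashlib

# Constructed data: external OpenIDs each local identifier has registered.
REGISTERED = {"alice.mysite.org": {"https://alice.example-op.test/"}}
EXT_KEY = b"constructed-key-shared-with-external-server"
RP_KEY = b"constructed-key-shared-with-consumer"
MY_RETURN_TO = "https://mysite.org/openid/return"

def sign(key, fields):
    # HMAC over sorted key:value lines (simplified, not the OpenID wire format).
    msg = "\n".join(f"{k}:{fields[k]}" for k in sorted(fields)).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def assertion(key, claimed_id, return_to, nonce):
    fields = {"claimed_id": claimed_id, "return_to": return_to, "nonce": nonce}
    return {**fields, "sig": sign(key, fields)}

def verify(key, resp, claimed_id, return_to, nonce):
    # Signature must match AND the signed fields must be the ones we expect.
    fields = {k: v for k, v in resp.items() if k != "sig"}
    expected = {"claimed_id": claimed_id, "return_to": return_to, "nonce": nonce}
    return (hmac.compare_digest(resp.get("sig", ""), sign(key, fields))
            and fields == expected)

def my_server(local_id, chosen_ext, ext_resp, ext_nonce, rp_return_to, rp_nonce):
    """Middle server: relays a positive answer only if every check passes."""
    if chosen_ext not in REGISTERED.get(local_id, set()):
        return None  # external OpenID is not registered for this account
    if not verify(EXT_KEY, ext_resp, chosen_ext, MY_RETURN_TO, ext_nonce):
        return None  # bad signature, other identifier, wrong audience or nonce
    return assertion(RP_KEY, local_id, rp_return_to, rp_nonce)

def consumer_accepts(entered_id, resp, return_to, nonce):
    # The consumer only ever sees an assertion about the identifier it was given.
    return resp is not None and verify(RP_KEY, resp, entered_id, return_to, nonce)

def run(local_id, chosen_ext, asserted_ext):
    """One login: the second server asserts `asserted_ext` to my server."""
    ext_resp = assertion(EXT_KEY, asserted_ext, MY_RETURN_TO, "n-ext-1")
    rp_return = "https://consumer.example.test/return"
    resp = my_server(local_id, chosen_ext, ext_resp, "n-ext-1", rp_return, "n-rp-1")
    return consumer_accepts(local_id, resp, rp_return, "n-rp-1")

if __name__ == "__main__":
    ok = "https://alice.example-op.test/"
    print(run("alice.mysite.org", ok, ok))
    print(run("alice.mysite.org", ok, "https://mallory.example-op.test/"))
```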