[OpenID] openid in a non-distributed situation?
Alan J Castonguay
alan.openid at verselogic.net
Wed Jul 18 23:59:32 UTC 2007
Gábor Farkas wrote:
> this workflow is also fine for me, except:
>
> A. i have to make sure that the users only have to enter their username
> as the openID, and then the user is always forwarded to our internal
> "openid-provider".
>
> B. in this workflow, you enter your username (well, openID) at step-2,
> and your password at step-3. i would really like to allow the user to
> enter both at the same page, but i can live without that.
>
> so, does it make sense to try something like this?
The directed identity feature would let you enter just the url of the
IdP at A, and both username and password at B. Since this is an internal
system, and presumably the url of the IdP is the same for everyone, you
could just hardcode the IdP's url in each the RP, so users don't have to
enter it.
--
Alan J Castonguay
More information about the general
mailing list