[OpenID] How to prove identity without leaving RP?
Jean-Noel Colin
jn.colin at gmail.com
Tue Apr 8 19:10:44 UTC 2008
Hi
The OpenID Auth 2.0 specs mention in the abstract that it should be
possible for an end user to 'prove their identity to a relying party
without having to leave their current web page'.
Of course, this sounds more user-friendly than sending the user to the
OP's page to authenticate, then back to the RP's page.
However, I don't quite understand how this is technically feasible.
The specs mention AJAX-style setup
Another unclear statement is found later in the doc: "An example of a
situation where interaction between the end user and the OP is not
desired is when the authentication request is happening asynchronously
in JavaScript." How is this possible?
Thanks a lot for clarifying this
Best regards
Jean-Noel Colin
More information about the general
mailing list