[OpenID] CheckIDRequest with Big AX
Dick Hardt
dick.hardt at gmail.com
Tue Dec 30 19:32:58 UTC 2008
On 30-Dec-08, at 8:24 AM, Pat Cappelaere wrote:
> Dick,
>
> On Dec 30, 2008, at 10:59 AM, Dick Hardt wrote:
>
>>
>> On 30-Dec-08, at 5:25 AM, Pat Cappelaere wrote:
>>
>>> I think that AX is used in its designed role here.
>>> The user grants access to his information.
>>> The SP ought to be free to access that information at anytime and
>>> update/store stuff at anytime, right?
>>
>> If you don't want the user to be in the loop, then the RP and OP
>> can talk directly.
>>
> Are you saying the RO could POST a FetchRequest directly to the OP
> and get the whole data back within the channel created between the
> two entities?
> Or are you saying: "Do it on your own outside OpenID"?
I'm saying that if the RP and OP want to exchange information directly
without the user being involved, then you should not be using AX.
>
>
>
>> The model does assume that the RP could ask for the information
>> each time the user goes to the site, and a smart OP will allow the
>> user to check a box to allow the information to be sent each time.
>> Same for storing information.
>>
>> Not sure why the user is getting a button they have to click on
>> unless JavaScript has been disabled.
>>
> Hummmm.... I do not see any javascript anywhere on that page So
> someone has to click that button.
dunno why it is not there ...
>
> How is this supposed to work?
> The OP generates a form on the fly and some javacript automatically
> submits that form to the RP?
Yep!
More information about the general
mailing list