[OpenID] opensource library

Peter Williams pwilliams at rapattoni.com
Wed Jun 4 09:57:13 UTC 2008 

I approached what you are after by looking in detail at saml servers, rather than yet more openid code. There is little difference between the two protocols in practical outputs, and I recognized that the saml spec was clearly an expression of a type system specified to generically expess the processing requirements. This focus on type theory contrasts with openid quite properly - as its a natural contrast between securty engineering designed for assurance vs software engineering designed to be a lightweight use of processing resources.

So don't let this become a critique of openid for being excellent at doing what its supposed to do! Perhaps do reflect on the rsa fim server documents (to see how j2ee architecture expresses the saml spec's type system) or the shib/opensaml source (to see how the c classes interplay to express yet more than does the saml spec: how to build a server framework for secured, plug and play  web services)

-----Original Message-----
From: James Tindall <james at atomless.com>
Sent: Wednesday, June 04, 2008 2:20 AM
To: general at openid.net <general at openid.net>
Subject: [OpenID] opensource library

Hello all,

I'm trying to write an opensource OpenId (Relying Party) library for an 
opensource php framework called kohana.
I've been following the Janrain php library because it seemed the most 
comprehensive and full featured but I was wondering if there were other 
libraries out there that are as complete as the Janrain library but 
possibly a little cleaner? The focus with the Janrain library seems to 
have been to cover as many use senarios as possible and to include 
everything needed including session handling - but this has meant that 
the codebase is not at all transparent. As a programmer/web-developer 
picking apart other libraries is often the best way to get an 
understanding of how to write code to handle certain tasks. I've looked 
at just about all of the libraries listed on the openid.net wiki but 
have not as yet found one that is both feature complete and clean and 
clearly coded.

Any suggestions of any helpfull resouces would be much appreciated!

James

_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general

More information about the general mailing list