[OpenID] OpenID appropriate here?
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Fri May 30 16:40:59 UTC 2008
Isak Hansen:
> I'm working on a web app that needs to authenticate with a 2nd system
> as the user logged into #1.
> #2 doesn't trust the first system (we do have full control over #1,
> but need to support other #1-like clients that we cannot trust).
>
> We want to avoid storing the users' plaintext password (for #2) in
> #1's db. Asking them for a password on demand could work, but isn't
> very convenient for the user.
>
> Would OpenID work for us?
>
>
I think so. You need to find an OpenID provider you trust which can
perform the authentication for either site. Alternatively you can setup
your own provider (provided #2 will trust it).
Regards
Signer: Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Phone: +1.213.341.0390
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080530/6e639fe8/attachment-0002.htm>
More information about the general
mailing list