[OpenID] OpenID2.0 Provider backed by LDAP/AD?

[Will Norris]

Long term, yeah this is exactly the kind of use case we're looking to support... especially with campuses that already have Shibboleth deployed.  While we're looking to release some functioning code for folks to toy with in the next couple of weeks, I don't think it will suit your needs just yet.  Specifically, these early versions won't support attributes.  (The library supports attributes just fine, but we ran into problems on the Shibboleth side).

-will

On Nov 19, 2009, at 9:29 AM, Etan Weintraub wrote:

> Nate-
> 
> Itd be great if I could use the stuff in Shib, but I need to jump on this for productionalization, and need a timeline on when the Beta would be prod. Ill contact Will and see what I can do. Thanks.
> 
> 
> From: Nate Klingenstein [mailto:ndk at internet2.edu] 
> Sent: Thursday, November 19, 2009 12:23 PM
> To: Etan Weintraub
> Cc: openid-general at lists.openid.net
> Subject: Re: [OpenID] OpenID2.0 Provider backed by LDAP/AD?
> 
> 
> Etan,
> 
> You should contact Will Norris (will at willnorris.com).  He's writing a new Java OpenID library, and separately, integrating it as a protocol handler for Shibboleth 2.x.  I suspect he's far enough along that you can probably use some of the beta code and provide useful feedback.  And you know that anything's possible with the Shibboleth swiss army knife. ;D
> 
> Take care,
> 
> Nate.
> 
> 
> On Nov 19, 2009, at 4:17 PM, Etan Weintraub wrote:
> 
> What I am looking for is an OpenID 2.0 provider that will use my LDAP or Active Directory server as the user database, and also allow me to use the REMOTE_USER authentication in the server for authentication so that I can protect it by our existing web SSO product.
> 
> Anyone have any ideas? I tried Crowd, but they dont actually support OpenID 2.0 for authentication even though they are using the OpenID 2.0 libraries.
> 
> Any help would be greatly appreciated.