[OpenID] OpenID2.0 Provider backed by LDAP/AD?

Etan Weintraub eweintra at jhmi.edu
Thu Nov 19 17:46:06 UTC 2009


Will-
 My current use case is actually just for the Authentication piece at this point, so it will at least be a start. I can worry about attributes later. Let me know when you have stuff to test out, and I'll do what I can.

-Etan E. Weintraub
Team Leader - Enterprise Authentication
Senior Systems Engineer - Enterprise Directory
IT at Johns Hopkins
Johns Hopkins at Mt. Washington
5801 Smith Ave.
Suite 3110B
Baltimore, MD 21209
Phone: 410-735-7945
E-mail: eweintra at jhmi.edu


-----Original Message-----
From: openid-general-bounces at lists.openid.net [mailto:openid-general-bounces at lists.openid.net] On Behalf Of Will Norris
Sent: Thursday, November 19, 2009 12:42 PM
To: openid-general at lists.openid.net
Subject: Re: [OpenID] OpenID2.0 Provider backed by LDAP/AD?

Long term, yeah this is exactly the kind of use case we're looking to support... especially with campuses that already have Shibboleth deployed.  While we're looking to release some functioning code for folks to toy with in the next couple of weeks, I don't think it will suit your needs just yet.  Specifically, these early versions won't support attributes.  (The library supports attributes just fine, but we ran into problems on the Shibboleth side).

-will

On Nov 19, 2009, at 9:29 AM, Etan Weintraub wrote:

> Nate-
> 
> It'd be great if I could use the stuff in Shib, but I need to jump on this for productionalization, and need a timeline on when the Beta would be prod. I'll contact Will and see what I can do. Thanks.
> 
> 
> From: Nate Klingenstein [mailto:ndk at internet2.edu] 
> Sent: Thursday, November 19, 2009 12:23 PM
> To: Etan Weintraub
> Cc: openid-general at lists.openid.net
> Subject: Re: [OpenID] OpenID2.0 Provider backed by LDAP/AD?
> 
> 
> Etan,
> 
> You should contact Will Norris (will at willnorris.com).  He's writing a new Java OpenID library, and separately, integrating it as a protocol handler for Shibboleth 2.x.  I suspect he's far enough along that you can probably use some of the beta code and provide useful feedback.  And you know that anything's possible with the Shibboleth swiss army knife. ;D
> 
> Take care,
> 
> Nate.
> 
> 
> On Nov 19, 2009, at 4:17 PM, Etan Weintraub wrote:
> 
> What I am looking for is an OpenID 2.0 provider that will use my LDAP or Active Directory server as the user database, and also allow me to use the REMOTE_USER authentication in the server for authentication so that I can protect it by our existing web SSO product.
> 
> Anyone have any ideas? I tried Crowd, but they don't actually support OpenID 2.0 for authentication even though they are using the OpenID 2.0 libraries.
> 
> Any help would be greatly appreciated.
