[OpenID] OpenID2.0 Provider backed by LDAP/AD?

Steven Livingstone-Perez weblivz at hotmail.com
Thu Nov 19 22:28:33 UTC 2009


DotNetOpenAuth will do most of that wit the LDAP or AD providers (pretty much right out of the box) but the problem is that as you'd likely be using forms authentication & using the AD to authenticate the credentials directly  - so you wouldn't get the REMOTE_USER filled as IIS would need to be on basic/windows auth. 

To do this needs a bit of work through a filter - looking to see if there is something that can do this.

/steven
http://livz.org




From: Andrew Arnott 
Sent: Thursday, November 19, 2009 5:26 PM
To: Etan Weintraub 
Cc: openid-general at lists.openid.net 
Subject: Re: [OpenID] OpenID2.0 Provider backed by LDAP/AD?


Since you mention AD, if I can assume you can run this Provider on a Windows server, DotNetOpenAuth can utilize Windows Authentication (which AD tends to implicitly work with) to automatically authenticate users.  As far as additional stuff like REMOTE_USER, I don't have experience with so your mileage may vary.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre



2009/11/19 Etan Weintraub <eweintra at jhmi.edu>

  Hi everybody-

   I’ve been looking for the past month or so for an OpenID 2.0 Provider package that I can use in our environment. The Openid-Ldap package (www.openid-ldap.org) does almost everything I need it to do except for support 2.0, and it looks like it’s not being maintained anymore.



   What I am looking for is an OpenID 2.0 provider that will use my LDAP or Active Directory server as the user database, and also allow me to use the REMOTE_USER authentication in the server for authentication so that I can protect it by our existing web SSO product.



   Anyone have any ideas? I tried Crowd, but they don’t actually support OpenID 2.0 for authentication even though they are using the OpenID 2.0 libraries.



   Any help would be greatly appreciated.



  -Etan E. Weintraub

  Team Leader - Enterprise Authentication

  Senior Systems Engineer - Enterprise Directory

  IT at Johns Hopkins

  Johns Hopkins at Mt. Washington

  5801 Smith Ave.

  Suite 3110B

  Baltimore, MD 21209

  Phone: 410-735-7945

  E-mail: eweintra at jhmi.edu




  _______________________________________________
  general mailing list
  general at lists.openid.net
  http://lists.openid.net/mailman/listinfo/openid-general






--------------------------------------------------------------------------------


_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20091119/7f493e96/attachment.htm>


More information about the general mailing list