[OpenID] Private Federation solution using OpenID

Tue May 8 15:08:25 UTC 2012

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for your reply John, the scenario is exactly what you described.
We will be the OpenID provider and the SaaS will be the relying party.
Do you know if there is some documentation already written on how to
implement an OpenID provider from scratch? I mean, just the auth
specification should be enough?

Thanks.

Em 08-05-2012 11:48, John Bradley escreveu:
> If the SaaS provider is the RP and your company is the OP there is nothing that requires you to release any attributes to the SaaS provider via openID.
> 
> I don't think there is anything to stop you from doing that.
> 
> John B.
> 
> On 2012-05-08, at 10:18 AM, Matheus Eduardo Bonifacio Morais wrote:
> 
>>
> Hi there,
> 
> I work for a company which is looking for a federation solution to
> SaaS applications used internally by the employees. For our use case
> is mandatory that the user data could keep in private and the SaaS
> provider must not have access to it. I was thinking to use OpenID
> because is well written and the most important part, it is an
> open-standard. For what I understood by reading the protocol
> specification, this is not a goal of OpenID.
> 
> I would like to know if is possible to implement that kind of solution
> and If I'm not hurting the main project goals as long as I will not
> allow everyone to sign-in using an OpenID compatible account.
> 
> Thanks.
> 
Esta mensagem é somente para uso do destinatário informado e pode conter
informações privilegiadas, proprietárias, ou privadas. Se você recebeu
esta mensagem por engano, por favor notifique o remetente imediatamente
e apague a original. Qualquer uso deste email é proibido.
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise private information. If you have
received it in error, please notify the sender immediately and delete
the original. Any other use of the email by you is prohibited.
>>
_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

- -- 
Classificação da Informação: Uso Interno

Matheus Morais
Infraestrutura de TI
Confederação SICREDI – Porto Alegre
51 3358-4700 ramal 7190

www.sicredi.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJPqTboAAoJEJaxmh5NVUojYkAH/30F8Cs4r5m8PqNrrpWLKAo8
4VWC5DUK6mo9LUTmgcfTagFLqa766LrsBWiiV3dSPX0DYLz6B/DQKsw+7gz9VMhU
/shlz7omd5Mxl48o7x+uaxj7ufF0SdlgH20QlAj7D06GdqLXy81A2+uvql/87Xrz
8UgEKq+VQTi4p740xBKmonM0FpLTIsapQ3YOO/0Ul/zeFM1Q7rmBZfyOD3BRemPf
0jKjZcAnUHeUmV8R1per5k8ebjSlgIy/+3258VYy3LN5GYR+FHUj1kF4F4OKvVOg
TQLVtg797tic20nSmZwQ1vLyYcDxhmO5RoHK2uYSeH1SbcCKQYGIpmytpWLmjWQ=
=dTXs
-----END PGP SIGNATURE-----=
Esta mensagem é somente para uso do destinatário informado e pode conter informações privilegiadas, proprietárias, ou privadas. Se você recebeu esta mensagem por engano, por favor notifique o remetente imediatamente e apague a original. Qualquer uso deste email é proibido. 
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.