[OpenID] One developer's first encounter with account chooser (openid connect?)
Peter Williams
home_pw at msn.com
Sat Oct 27 07:39:34 UTC 2012
Well I should give apologies to Google, as there IS a local login function in its account creator wordpress integration. Though ...it did take a week to find it. If you type a local account name into the box labeled "email", it does a classical local login (with local password challenge). So of the two parties I wacked as wrong, both were actually right. So much for Peter.
OK, so for my penance at wronging Microsoft, I taught myself to use the firms asp.net website hosted in its azure cloud platform, that comes with OAUTH consumer capabilities, etc. And it was good. It's consumer friendly, targeting the typical webmaster/mistress. I paid my dues by constructing an open source plugin, that allows any site to talk to an OAUTH v1.0a provider plugin in any suitably-enhanced wordpress instance deployment. This also helps me with work on Mozilla's persona, since they are thinking about oauth (which I now finally dominate, at least up to OAUTH v1.0a). For my penance with Google, Ill now add the GIT (aka account chooser) toolkit to the wordpress site that is acting as my IDP (i.e. oauth provider). I will now allow users to register via the account chooser experience, too. I think this means that the site will rely on the "verified email" id during registration for those who use account choose registration means - and will then issue its own oauth protocol messages to its own downstream consumers who do a "local login", if the user is able to also cite the local password. In effect, Ill be saying saying: I relied on the assurance of opened connect, and you might rely on my act of reliance, should you wish. This is semantically similar to what SAML called an "SP affiliation". Or so think I - as confused as ever, now having 4 websso standards to choose from.Subject: One developer's first encounter with account chooser (openid connect?)
To: openid-general at lists.openid.net
Date: Wed, 17 Oct 2012 19:03:55 +0000
From: home_pw at msn.com
In a word: frustrating. http://wp.me/p1fcz8-2YW. It was frustrating on multiple levels.
Obviously the code is fixable, but one worries about the very "idea" - there seems a desperation in the desire to remove local IDPs - including those granting access to privileged administrator configuring (broken) federated logon!
To be fair, the default Microsoft ASP.NET web app project built by the released version of visual studio 20102 doesn't work, either - when taking up the federated (OAUTH/openid) login option and its display of a set of IDPs, configured locally. It doesn't even compile, link and load! Thus, I have not even so far as work with its attempt to showcase Openid Connect, or see if things interwork yet with Google's implementation, etc.
Sent from Windows Mail
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20121027/7eb8f799/attachment.html>
More information about the general
mailing list