[OpenID] openID provider / server setting

Peter Williams home_pw at msn.com
Mon Apr 13 23:33:41 UTC 2015 

Not source routing, but tls pricing.

Perfectly normal in us govt contractor environments (such as ca technologies) and sso.

Bur we can pretend otherwise.

Remember the difference between SSL v2 and ietf SSL v3 / tls. The latter should suddenly facilitated poroxyng, thanks to iesg (and a few academic grants of cash)



Sent from my Windows Phone
________________________________
From: John Bradley<mailto:ve7jtb at ve7jtb.com>
Sent: ‎4/‎13/‎2015 3:03 PM
To: Nat Sakimura<mailto:sakimura at gmail.com>
Cc: openid-general at lists.openid.net<mailto:openid-general at lists.openid.net>
Subject: Re: [OpenID] openID provider / server setting

Nothing stops TLS from working on the loopback.   You just can’t access it from another computer without source routing and that would be nasty.

I take it that you want to run a AS and client on the same server as programming project.

I suspect that running the AS with a self signed certificate on a real IP address and accessing it from another computer would be easier.

One alternative might be to run a VM on your computer for the AS so that it can have it’s own network address.   You can then run the client on your main computer.
Depending on the OS you can probably add entries to your hosts table to make it look nicer.

You can give https://bitbucket.org/PEOFIAMP/phpoidc <https://bitbucket.org/PEOFIAMP/phpoidc>  a try that should be fairly readable code.

It should be fairly easy to set up.  I suspect that fussing with self signed certs and your networks setting may take the longest.
I would use a VM like VerualBox as the AS myself, because I am lazy and it would be easier to debug.

John B.


> On Apr 13, 2015, at 6:49 AM, Nat Sakimura <sakimura at gmail.com> wrote:
>
> I am terribly sorry that I have missed your message.
>
> A regular OP needs to serve over HTTPS. Thus, it cannot serve over 127.0.0.1, if that is what you mean by a locally hosted.
> Instead, you can use Self-Issued provider, which you can find the info at:
> http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued <http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued>
>
> Cheers,
>
> Nat Sakimura
>
>
> On Sat, Mar 21, 2015 at 5:19 PM Sam DT <samdt3263 at gmail.com <mailto:samdt3263 at gmail.com>> wrote:
> Hi,
>
> I want to make my own local host an openID provider for the purpose of a class assignment.
> The relying party that i have configured should redirect the user to my localhost page where i have hosted the server for authentication.
> Can you tell me if this is possible using any openID library?
>
> I should be very thankful
> _______________________________________________
> general mailing list
> general at lists.openid.net <mailto:general at lists.openid.net>
> http://lists.openid.net/mailman/listinfo/openid-general <http://lists.openid.net/mailman/listinfo/openid-general>
> _______________________________________________
> general mailing list
> general at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-general

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20150413/523cd303/attachment.html>
-------------- next part --------------
_______________________________________________
general mailing list
general at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-general

More information about the general mailing list