<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Larry,<div><br></div><div>I really think this is a bad assumption as the SP may try to get access to the Attributes with no user present.</div><div>In my case, this requires the user to hit a "Continue" button on a blank page. It does not happen automatically and is, at best, confusing. It took me a while to figure out what was happening.</div><div><br></div><div>I do think that this ought to be fixed somehow either way. Why couldn't the server do a direct post rather than go through the intermediary of a form? I must be missing something.</div><div>Thanks,</div><div>Pat.</div><div><br></div><div><br><div><div>On Dec 30, 2008, at 6:19 AM, larry drebes wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">Hi Pat,<div>The normal behavior for an OP is to assume the user is in the loop. With javascript enabled the form POST submit should happen automatically, for the vast majority of time this is not pestering the user.</div> <div>larry-<br><br><div class="gmail_quote">On Mon, Dec 29, 2008 at 7:46 PM, Pat Cappelaere <span dir="ltr"><<a href="mailto:pat@cappelaere.com">pat@cappelaere.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"> I have an interesting problem.<br> <br> I am trying to make a CheckIDRequest along with a few experimental AX.<br> Problem is that my attributes are fairly large and could overflow the<br> GET.<br> The Janrain Ruby library detects that and turns the response into a<br> secondary form. A user has to hit continue for the form to do a<br> post. This is fine if there is a user in the loop (although confusing<br> at best) but this is not my case. I do not have a user in the loop.<br> I am really trying to authenticate an application consumer that<br> happens to have an openid and trying to get its pubic key in order to<br> do the OAuth dance using AX... cool stuff...<br> <br> My questions are:<br> <br> Is this the normal behavior of an OP?<br> <br> Should I try to patch the server library to return a directPOST?<br> <br> Or get my consumer to break down the request in two parts? I am not<br> quite sure how the second part would look like though...<br> <br> Any suggestions?<br> <br> Thanks,<br> <br> Pat.<br> <br> _______________________________________________<br> general mailing list<br> <a href="mailto:general@openid.net">general@openid.net</a><br> <a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br> </blockquote></div><br></div></blockquote></div><br></div></body></html>