Blogger is a very weak OP and RP. It's buggy all over the place in my experience. I'd change your XRDS to point to something other than Blogger as your OP.<br clear="all">--<br>Andrew Arnott<br>"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br><br><div class="gmail_quote">On Sat, Jun 13, 2009 at 2:39 PM, Peter Williams <span dir="ltr"><<a href="mailto:pwilliams@rapattoni.com">pwilliams@rapattoni.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
So lets do it.<br>
<br>
goto blogspot and create a blog. Mine is called openid2.<br>
<br>
goto <a href="http://freexri.com" target="_blank">freexri.com</a> and login.<br>
<br>
Put <a href="http://openid2.blogspot.com/" target="_blank">http://openid2.blogspot.com/</a> (or your equivalent) in the lowest input box, to start binding your google credentials to your delegation. FreeXRI and blogspot perform websso, and I get a freexri session.<br>
<br>
The freexri site allows you to (a) choose a name in some community (b) bind a password, for account recovery (lest Google lock you out for 2 weeks while one negotiates with their account reps).<br>
<br>
in the auth settings, choose<br>
<br>
I already have an OpenID. I want =@blog*bloggerlock<mailto:=@blog*bloggerlock> to point to my existing OpenID:<br>
<br>
and delegate back now to <a href="http://openid2.blogspot.com/" target="_blank">http://openid2.blogspot.com/</a> (in my case).<br>
<br>
once the name is registered (move over facebook...), click advanced, and retain your canonical id. Mine is<br>
@!E459.819D.771.7990!8a24.bb1b.d12d.071b (note the form, with the leading =!).<br>
<br>
Using your =!... value rather than mine (or Andrews), create a snippet of the form:<br>
<br>
<meta http-equiv='X-XRDS-Location' content='<a href="https://xri.net/@!E459.819D.771.7990!8a24.bb1b.d12d.071b?_xrd_r=application/xrds%2Bxml;sep=false" target="_blank">https://xri.net/@!E459.819D.771.7990!8a24.bb1b.d12d.071b?_xrd_r=application/xrds%2Bxml;sep=false</a>' /><br>
<br>
Then follow Andrew's blog entry counsel on putting XRDS metadata in the blogspot area. Logged into Blogspot using Google Account credentials, apply Layout->HTML editing, and add the snippet just after the <head> tag.<br>
<br>
Got to facebook now, and sign up (it pings an email account...). In accounts settings in a newly provisioned account, set a linked id, and enter <a href="http://openid2.blogspot.com/" target="_blank">http://openid2.blogspot.com/</a>.<br>
<br>
Facebook will not cooperate with an openid provider v1.1. Sigh.<br>
<br>
so, go to plaxo instead, and use the openid signin, citing (for me) <a href="http://openid2.blogspot.com/" target="_blank">http://openid2.blogspot.com/</a>.<br>
<br>
This says: Unable to redirect to the specified OpenID provider: failed to perform curly request [URL using bad/illegal format or missing URL].<br>
<br>
<br>
<br>
If I just enter <a href="https://xri.net/@!E459.819D.771.7990!8a24.bb1b.d12d.071b" target="_blank">https://xri.net/@!E459.819D.771.7990!8a24.bb1b.d12d.071b</a> at plaxo, this redirects to blogger, which correctly complains (I suppose) that:<br>
<br>
<br>
<br>
Your blog is not supported for use as an OpenID URL. Please check the following:<br>
<br>
* Is your blog externally hosted? OpenID is only supported for blogs hosted on Blogger.<br>
* Was the URL (<a href="http://xri.net/openid2.blogspot.com" target="_blank">http://xri.net/openid2.blogspot.com</a>) spelled correctly?<br>
<br>
<br>
(not sure where the <a href="http://xri.net/openid2.blogspot.com" target="_blank">http://xri.net/openid2.blogspot.com</a> comes from, tho.)<br>
<br>
<br>
<br>
now, the XRD that freexri creates by default is not EXACTLY configured as Andrew configured his XRD, in his aspx (or 1id config). This may account for matters. Or, are we running into namespace controls (correctly): that OP can only speak for XRI authorities for which they in turn HAVE authority (to speak)?<br>
<br>
I dont see why an OP cannot discover - for the XRI case - the user's XRD itself, note the users delegation of namespaces, and determine that it has the right AND - from browser trust - current authorization to speak for a "delegated-synonym"<br>
________________________________<br>
From: <a href="mailto:general-bounces@openid.net">general-bounces@openid.net</a> [<a href="mailto:general-bounces@openid.net">general-bounces@openid.net</a>] On Behalf Of Andrew Arnott [<a href="mailto:andrewarnott@gmail.com">andrewarnott@gmail.com</a>]<br>
Sent: Friday, June 12, 2009 9:50 PM<br>
To: Tyler Romeo<br>
Cc: <a href="mailto:general@openid.net">general@openid.net</a><br>
Subject: Re: [OpenID] Question About OpenID<br>
<div class="im"><br>
I think what you're looking for is what OpenID calls delegation. Delegation includes the ability to take several OpenIDs issued by several providers and tie them into just one identifier that you can always use, even as your set of Providers change.<br>
<br>
I have a couple of blog posts that tell you how to do it:<br>
<br>
Part 1: <a href="http://blog.nerdbank.net/2008/07/how-i-have-taken-control-of-my-own.html" target="_blank">http://blog.nerdbank.net/2008/07/how-i-have-taken-control-of-my-own.html</a><br>
Part 2: <a href="http://blog.nerdbank.net/2008/07/how-i-have-taken-control-of-my-own_22.html" target="_blank">http://blog.nerdbank.net/2008/07/how-i-have-taken-control-of-my-own_22.html</a><br>
<br>
--<br>
Andrew Arnott<br>
"I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre<br>
<br>
<br>
</div><div class="im">On Fri, Jun 12, 2009 at 9:30 PM, Tyler Romeo <<a href="mailto:tylerromeo@gmail.com">tylerromeo@gmail.com</a><mailto:<a href="mailto:tylerromeo@gmail.com">tylerromeo@gmail.com</a>>> wrote:<br>
Maybe somebody can help me. I started looking into OpenID a little while ago, and there is something that is a little confusing to me. If I have multiple OpenID providers that I use (because a lot of popular websites are making themselves providers now for whatever reason), is there any way to either link the different accounts or make one of them the central OpenID or anything similar to that idea, because it gets confusing, annoying, and essentially useless when all the websites I use give me an OpenID, but I cannot do a single login, which seems to be the general point of OpenID. Hopefully somebody could answer that.<br>
<br>
Thanks,<br>
Tyler<br>
<br>
_______________________________________________<br>
general mailing list<br>
</div><a href="mailto:general@openid.net">general@openid.net</a><mailto:<a href="mailto:general@openid.net">general@openid.net</a>><br>
<div><div></div><div class="h5"><a href="http://openid.net/mailman/listinfo/general" target="_blank">http://openid.net/mailman/listinfo/general</a><br>
<br>
<br>
</div></div></blockquote></div><br>