<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=text/html;charset=Windows-1252 http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.7100.4137"></HEAD>
<BODY style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
id=MailContainerBody leftMargin=0 topMargin=0 CanvasTabStop="true"
name="Compose message area">
<DIV><FONT face=Calibri>DotNetOpenAuth will do most of that wit the LDAP or AD
providers (pretty much right out of the box) but the problem is that as
you'd likely be using forms authentication & using the AD to authenticate
the credentials directly - so you wouldn't get the REMOTE_USER filled
as IIS would need to be on basic/windows auth. </FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>To do this needs a bit of work through a filter -
looking to see if there is something that can do this.</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>/steven</FONT></DIV>
<DIV><FONT face=Calibri><A
href="http://livz.org">http://livz.org</A></FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: #f5f5f5">
<DIV style="font-color: black"><B>From:</B> <A title=andrewarnott@gmail.com
href="mailto:andrewarnott@gmail.com">Andrew Arnott</A> </DIV>
<DIV><B>Sent:</B> Thursday, November 19, 2009 5:26 PM</DIV>
<DIV><B>To:</B> <A title=eweintra@jhmi.edu href="mailto:eweintra@jhmi.edu">Etan
Weintraub</A> </DIV>
<DIV><B>Cc:</B> <A title=openid-general@lists.openid.net
href="mailto:openid-general@lists.openid.net">openid-general@lists.openid.net</A>
</DIV>
<DIV><B>Subject:</B> Re: [OpenID] OpenID2.0 Provider backed by
LDAP/AD?</DIV></DIV></DIV>
<DIV><BR></DIV>Since you mention AD, if I can assume you can run this Provider
on a Windows server, DotNetOpenAuth can utilize Windows Authentication (which AD
tends to implicitly work with) to automatically authenticate users. As far
as additional stuff like REMOTE_USER, I don't have experience with so your
mileage may vary.<BR clear=all>--<BR>Andrew Arnott<BR>"I [may] not agree with
what you have to say, but I'll defend to the death your right to say it." - S.
G. Tallentyre<BR><BR><BR>
<DIV class=gmail_quote>2009/11/19 Etan Weintraub <SPAN dir=ltr><<A
title="mailto:eweintra@jhmi.edu CTRL + Click to follow link"
href="mailto:eweintra@jhmi.edu">eweintra@jhmi.edu</A>></SPAN><BR>
<BLOCKQUOTE
style="BORDER-LEFT: #ccc 1px solid; MARGIN: 0px 0px 0px 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>
<DIV lang=EN-US link="blue" vlink="purple">
<DIV>
<P class=MsoNormal>Hi everybody-</P>
<P class=MsoNormal> I’ve been looking for the past month or so for an
OpenID 2.0 Provider package that I can use in our environment. The Openid-Ldap
package (<A href="http://www.openid-ldap.org"
target=_blank>www.openid-ldap.org</A>) does almost everything I need it to do
except for support 2.0, and it looks like it’s not being maintained
anymore.</P>
<P class=MsoNormal> </P>
<P class=MsoNormal> What I am looking for is an OpenID 2.0 provider that
will use my LDAP or Active Directory server as the user database, and also
allow me to use the REMOTE_USER authentication in the server for
authentication so that I can protect it by our existing web SSO product.</P>
<P class=MsoNormal> </P>
<P class=MsoNormal> Anyone have any ideas? I tried Crowd, but they don’t
actually support OpenID 2.0 for authentication even though they are using the
OpenID 2.0 libraries.</P>
<P class=MsoNormal> </P>
<P class=MsoNormal> Any help would be greatly appreciated.</P>
<P class=MsoNormal> </P>
<P class=MsoNormal>-Etan E. Weintraub</P>
<P class=MsoNormal>Team Leader - Enterprise Authentication</P>
<P class=MsoNormal>Senior Systems Engineer - Enterprise Directory</P>
<P class=MsoNormal>IT@Johns Hopkins</P>
<P class=MsoNormal>Johns Hopkins at Mt. Washington</P>
<P class=MsoNormal>5801 Smith Ave.</P>
<P class=MsoNormal>Suite 3110B</P>
<P class=MsoNormal>Baltimore, MD 21209</P>
<P class=MsoNormal>Phone: 410-735-7945</P>
<P class=MsoNormal>E-mail: <A href="mailto:eweintra@jhmi.edu"
target=_blank>eweintra@jhmi.edu</A></P>
<P
class=MsoNormal> </P></DIV></DIV><BR>_______________________________________________<BR>general
mailing list<BR><A
href="mailto:general@lists.openid.net">general@lists.openid.net</A><BR><A
href="http://lists.openid.net/mailman/listinfo/openid-general"
target=_blank>http://lists.openid.net/mailman/listinfo/openid-general</A><BR><BR></BLOCKQUOTE></DIV><BR>
<P>
<HR>
<P></P>_______________________________________________<BR>general mailing
list<BR>general@lists.openid.net<BR>http://lists.openid.net/mailman/listinfo/openid-general<BR></BODY></HTML>