[security] HTTP vs HTTPS based OpenIDs
Trevor Johns
trevor at tjohns.net
Tue Dec 8 23:45:30 UTC 2009
On Tue, 8 Dec 2009 15:31:40 -0800 (PST), Jacob Bellamy <toarms at gmail.com>
wrote:
>
> You are right Trevor that it might not be any problem with the libraries
> and
> extensions themselves, but in my own experience trying to use HTTPS
OpenIDs
> with either of the wordpress or mediawiki extensions does not work out of
> the box. There could be some additional tweaking or configuring required
to
> make it do so.
A common problem is that PHP isn't compiled with SSL support.
Other times it's compiled as an extension that needs to be explicitly
enabled in your php.ini.
Try running examples/detect.php in the php-openid library and see if it
works. (http://openidenabled.com/php-openid/) I know for a fact that
library supports HTTPS, and that's what the MediaWiki plugin relies on.
--
Trevor Johns
http://tjohns.net
More information about the security
mailing list