OpenID consumer support live on LiveJournal.com

Troy Benjegerdes hozer at hozed.org
Tue Jun 28 21:20:53 PDT 2005


On Tue, Jun 28, 2005 at 08:44:13PM -0700, Brad Fitzpatrick wrote:
> On Mon, 27 Jun 2005, Troy Benjegerdes wrote:
> 
> > On Tue, Jun 28, 2005 at 02:52:17AM +0100, Martin Atkins wrote:
> > > Troy Benjegerdes wrote:
> > > >
> > > > Now, what's the minimal set of code I need to be able to use the
> > > > Net::OpenID::Server perl module without installing a whole livejournal
> > > > server? ;)
> > > >
> > >
> > > I'm sure that now there's a very public, useful OpenID consumer
> > > available it won't be long before someone writes a quick and easy
> > > CGI-based OpenID server that can both drop in and be used and also serve
> > > as a simple example for implementers.
> >
> > Since I'm not much of a perl hacker, I was hopeing the developers would
> > include a quick-and-dirty, but tested and working sample CGI program in
> > with the Net::OpenID::Server perl module. ;)
> >
> > So I guess consider this a plea for a really simple CGI... and if
> > someone else writes one, please integrate it with the main ::Server
> > module release.
> 
> I was going to write one, but then I realized the frickin' ugly part is
> that then I have to write a "create an account" component, and a "login"
> component, and a "lost password", .., and...
> 
> Perhaps just a file on disk with usernames / hashed passwords would be
> easier.
> 
> Martin?  :-)

If you can make it use Apache authorization (.htaccess/.htpasswd files),
that would be the best. You don't have to worry about anything, apache
takes care of it all, and supports umpteen different
authorization/authentication mechanisms. However, if someone could do a
sample that looks a disk file, I could probably figure out how to make
apache auth work from that. Or maybe just a "is_user_authorized"
function.

Once using Apache Auth works, it's pretty easy to set up mod_auth_kerb
and then you can get single-sign on authentication using Kerberos.
(Which means you could get an openid login once you are logged into a
windows Active Directory domain)


More information about the yadis mailing list