Canonical ID
Ask Bjørn Hansen
ask at develooper.com
Fri May 20 04:16:22 PDT 2005
On May 20, 2005, at 3:18, Martin Atkins wrote:
Isn't it a pain (and/or flaky) to do that safely? The consumer would
have to check the new URL/ID the identity server gives you. (Or I'd
have my rogue ID server respond with www.yoursite.com when I told the
consumer www.mysite.com).
Isn't it fair to say that if a user wants the consumer to recognize
him as the same guy as last time then he needs to use the same ID.
In my SSO/Auth/Identity server thing I have an explicit feature to
allow a user to have multiple identities. The "consumer sites" will
get a different ID if you get forwarded with a different identity.
- ask
--
http://www.askbjoernhansen.com/
More information about the yadis
mailing list