How to store OpenID Identity in DB - any recommendation?
Lukas Rosenstock
inbox at lukasrosenstock.net
Mon Aug 7 13:26:46 UTC 2006
As far as I can remember the consent on this list was to *not* assume
identities to be the same if they *can* be different, therefore it is
necessary to store the complete canonical identity as given.
HTTP/HTTPs remains a problem. The slash problem could be solved if the
IdPs use redirection (30x) because the canonical URL that identifies a
user is the one *after* the redirect.
In my databases I use a table with local unique ids and another one that
matches OpenIDs to local ids, users can manually associate multiple URLs
with one account.
Lukas
Am 07.08.2006, 15:04 Uhr, schrieb Vladimir <vlach at seznam.cz>:
> Hello,
>
> I read some of the previous articles about HTTP/HTTPS identities, but
> I'd like to know, if you can recommend me how to store and identify
> multiple identities as a one single user.
>
> We all know, that user could enter:
> https://www.openidserver.com/user/
> https://www.openidserver.com/user
> http://www.openidserver.com/user/
> http://www.openidserver.com/user
> [or other variants without http/https]
>
> in most cases refers to one single identity.
>
> What would you recommend to webmaster? How to store an OpenID identity
> in database at this moment based on current specs?
>
> Would this be a good/bad idea?
> www.openid.com/user (without ending trailing slash and http/https?) Is
> this compatible with future OpenID development?
>
> How do you manage this in your system?
>
> Thanks for your suggestions,
> Vlad
More information about the yadis
mailing list