Hi; The latest release 0.9.3 available in a maven repo does not have Infocard support. Is there a SNAPSHOT version available in a maven repo with the Infocard support? Thanks & regards. - Prabath
Hi;
The latest release 0.9.3 available in a maven repo does not have
Infocard support.
Is there a SNAPSHOT version available in a maven repo with the Infocard support?
Thanks & regards.
- Prabath
_______________________________________________
general mailing list
general <at> openid.net
http://openid.net/mailman/listinfo/general
_______________________________________________ general mailing list general <at> openid.net http://openid.net/mailman/listinfo/general
One of my itches with web authentication is the need to enter identity info, be it user/pass or an OpenID URL, everywhere I want to be identified. So tedious! I should only have to enter it once and be done. There have been a few attempts at solving this by having the browser auto-fill fields for you, but that normally only works so-so (and you still have to enter the identity info once). I've tooled around on a version of authentication that: * Uses OpenID protocol messages. Existing libraries should work. * Lets you enter your OpenID URL once and be done. * Removes all redirects from the browser. * Continuously logs you in to every site (should you so desire). It's worth noting that the protocol could be simplified on the RP side to not use OpenID at the RP at all, which might be good or bad for general OpenID adoption. Have a look at http://commented.org/blog/2008/1/3/continuous-openid.html for the full protocol. I'm sure the thoughts are not entirely new and that the protocol can be improved. Thanks, Hans
yup - from the blog, you essentially re-invented the artifact mode of reliance. Once invoked, RP goes pick up the assertion token from the OP, as deposited there earlier . I believe the artifact mode is much under-rated - even in the practicising SAML community. While the artifact flow itself has pros and cons, the dynamics of the underlying token management are what are interesting. Reusing tokens, getting yetersdays tokens, getting shared tokens, etc etc. are where the opportunities lie. Its a little less compelling in openid, where tokens are signed using the association channels' HMAC keying (which limits token resolution possisbilities, somewhat!), rather than asymmetric keys and dig sigs. ________________________________ From: general-bounces <at> openid.net on behalf of Hans Granqvist Sent: Thu 1/3/2008 6:44 AM To: openid-general General Subject: [OpenID] Continuous OpenID One of my itches with web authentication is the need to enter identity info, be it user/pass or an OpenID URL, everywhere I want to be identified. So tedious! I should only have to enter it once and be done. There have been a few attempts at solving this by having the browser auto-fill fields for you, but that normally only works so-so (and you still have to enter the identity info once). I've tooled around on a version of authentication that: * Uses OpenID protocol messages. Existing libraries should work. * Lets you enter your OpenID URL once and be done. * Removes all redirects from the browser. * Continuously logs you in to every site (should you so desire). It's worth noting that the protocol could be simplified on the RP side to not use OpenID at the RP at all, which might be good or bad for general OpenID adoption. Have a look at http://commented.org/blog/2008/1/3/continuous-openid.html for the full protocol. I'm sure the thoughts are not entirely new and that the protocol can be improved. Thanks, Hans _______________________________________________ general mailing list general <at> openid.net http://openid.net/mailman/listinfo/general
Peter Williams wrote: > yup - from the blog, you essentially re-invented the artifact mode of > reliance. Once invoked, RP goes pick up the assertion token from the > OP, as deposited there earlier . There's a little more than that though. I also saw an OpenID-like authentication protocol between the UA and the IdP - something like the Liberty ID-WSF Authentication and SSO Service (http://www.projectliberty.org/liberty/content/download/3439/22943/file/liberty-idwsf-authn-svc-2.0-errata-v1.0.pdf) which is based on SASL (and thus allows several different authentication methods). Cheers, - John > > > I believe the artifact mode is much under-rated - even in the > practicising SAML community. While the artifact flow itself has pros > and cons, the dynamics of the underlying token management are what > are interesting. Reusing tokens, getting yetersdays tokens, getting > shared tokens, etc etc. are where the opportunities lie. Its a little > less compelling in openid, where tokens are signed using the > association channels' HMAC keying (which limits token resolution > possisbilities, somewhat!), rather than asymmetric keys and dig sigs. > > > > ________________________________ > > From: general-bounces <at> openid.net on behalf of Hans Granqvist Sent: > Thu 1/3/2008 6:44 AM To: openid-general General Subject: [OpenID] > Continuous OpenID > > > > One of my itches with web authentication is the need to enter > identity info, be it user/pass or an OpenID URL, everywhere I want to > be identified. So tedious! I should only have to enter it once and be > done. > > There have been a few attempts at solving this by having the browser > auto-fill fields for you, but that normally only works so-so (and you > still have to enter the identity info once). > > I've tooled around on a version of authentication that: > > * Uses OpenID protocol messages. Existing libraries should work. * > Lets you enter your OpenID URL once and be done. * Removes all > redirects from the browser. * Continuously logs you in to every site > (should you so desire). > > It's worth noting that the protocol could be simplified on the RP > side to not use OpenID at the RP at all, which might be good or bad > for general OpenID adoption. > > Have a look at > http://commented.org/blog/2008/1/3/continuous-openid.html for the > full protocol. I'm sure the thoughts are not entirely new and that > the protocol can be improved. > > Thanks, Hans _______________________________________________ general > mailing list general <at> openid.net > http://openid.net/mailman/listinfo/general > > > _______________________________________________ general mailing list > general <at> openid.net http://openid.net/mailman/listinfo/general
I read the Liberty document quickly. I think it said: Be a web service client and engage in a SASL dialogue with a token mint to negotiate the type and value of tokens required...for subsequent presentation to a web service provider using SOAP extension headers. 1. when the SASL provider (aka token mint) is a "discovery" service, the concept of operations is openid-like - controlling via a discovery protocol the issuance of authorization to release and use tokens (including crypto session tokens, presumably). In openid...one says something similar: without completing XRD-based name discovery before openid auth (or after in the cardspace auth case), the RP is not authorized under the policy (controlling this NTCB) to process the token. 2. when the SASL provider is an SSO (rather than the discovery) service, the service does not seem particularly openid-like. ________________________________ From: John Kemp [mailto:john <at> jkemp.net] Sent: Thu 1/3/2008 7:49 AM To: Peter Williams Cc: Hans Granqvist; openid-general General Subject: Re: [OpenID] Continuous OpenID Peter Williams wrote: > yup - from the blog, you essentially re-invented the artifact mode of > reliance. Once invoked, RP goes pick up the assertion token from the > OP, as deposited there earlier . There's a little more than that though. I also saw an OpenID-like authentication protocol between the UA and the IdP - something like the Liberty ID-WSF Authentication and SSO Service (http://www.projectliberty.org/liberty/content/download/3439/22943/file/liberty-idwsf-authn-svc-2.0-errata-v1.0.pdf) which is based on SASL (and thus allows several different authentication methods). Cheers, - John > > > I believe the artifact mode is much under-rated - even in the > practicising SAML community. While the artifact flow itself has pros > and cons, the dynamics of the underlying token management are what > are interesting. Reusing tokens, getting yetersdays tokens, getting > shared tokens, etc etc. are where the opportunities lie. Its a little > less compelling in openid, where tokens are signed using the > association channels' HMAC keying (which limits token resolution > possisbilities, somewhat!), rather than asymmetric keys and dig sigs. > > > > ________________________________ > > From: general-bounces <at> openid.net on behalf of Hans Granqvist Sent: > Thu 1/3/2008 6:44 AM To: openid-general General Subject: [OpenID] > Continuous OpenID > > > > One of my itches with web authentication is the need to enter > identity info, be it user/pass or an OpenID URL, everywhere I want to > be identified. So tedious! I should only have to enter it once and be > done. > > There have been a few attempts at solving this by having the browser > auto-fill fields for you, but that normally only works so-so (and you > still have to enter the identity info once). > > I've tooled around on a version of authentication that: > > * Uses OpenID protocol messages. Existing libraries should work. * > Lets you enter your OpenID URL once and be done. * Removes all > redirects from the browser. * Continuously logs you in to every site > (should you so desire). > > It's worth noting that the protocol could be simplified on the RP > side to not use OpenID at the RP at all, which might be good or bad > for general OpenID adoption. > > Have a look at > http://commented.org/blog/2008/1/3/continuous-openid.html for the > full protocol. I'm sure the thoughts are not entirely new and that > the protocol can be improved. > > Thanks, Hans _______________________________________________ general > mailing list general <at> openid.net > http://openid.net/mailman/listinfo/general > > > _______________________________________________ general mailing list > general <at> openid.net http://openid.net/mailman/listinfo/general
Hi everyone!
Carsten Poetter and me are trying to give OpenID a kick start into 2008 and we hope to have your full support:
We have launched http://spreadopenid.org today, a site that is
dedicated to supporting users in finding 'their' provider and
understanding what are the important facts in this decision process.
The goal of Spread OpenID is to complement the official OpenID.net
site with content that cannot be found there (at least not presented in the same way). The intended audience is
the average internet user.
At this time the key feature of the site is an OpenID provider comparison that is built on a survey we did among a number of well known providers.
Some of the providers we had sent the survey to didn't reply, some did not want to participate. Nevertheless we hope to add more providers to the list in an ongoing process.
As there has been some delay between the survey and the launch of Spread OpenID, there might have been changes in the meantime. So please send an email if you think something should be corrected.
If you're missing a provider on our list, just propose it to us and we'll see if this one is interested to join our survey.
We're thankful for every link love we can get, esp. from sites accepting OpenID logins and looking for a way to provide their users with an easy way to find 'their' OpenID provider.
If there's somebody out there with some graphic skills, we would also appreciate your ideas and your help in creating some badges that people can put on their blog to show their support for Spread OpenID.
We're looking forward to hear your feedback. Please use admin [at] spreadopenid [.] org to get in touch.
Happy new year!
Thomas & Carsten
_______________________________________________ general mailing list general <at> openid.net http://openid.net/mailman/listinfo/general
Hi, I'm happy to let you know that our Java open source portal, named Lutece, now supports OpenID using the latest version of OpenID4Java library. I'm quite sure very few people has heard about this tool, so let me introduce it to you in few words. - Lutece is made by the city of Paris, and runs more than 40 sites (Internet/Intranet/Extranet) of the city - Over 100 French cities or companies are using Lutece - We hope to be a reference plate-form in France for local government entities - The new release 2 is available in English . We hope to have soon overseas users (we have already some Canadians users but French spoken) A good entry point to discover roughly Lutece is to see metrics on Ohloh and follow some links provided on this site. http://www.ohloh.net/projects/7203?p=lutece Here is the link of the OpenID authentication module project (providing JIRA, SVN, Continuum tools) http://dev.lutece.paris.fr/plugins/module-mylutece-openid/ The Lutece team and I wish you all a very Happy New Year.and a lot of success with OpenID Thanks for your great work. Very Sincerely Pierre LEVY City of Paris Senior software engineer Lutece Project Lead
I thank Pierre for her valuable work! Take this opportunity to discover Lutece :) Cheers -Snorri -----Message d'origine----- De : general-bounces <at> openid.net [mailto:general-bounces <at> openid.net] De la part de Pierre LEVY Envoyé : vendredi 4 janvier 2008 01:43 À : general <at> openid.net Objet : [OpenID] Lutece Java Portal provides OpenID authentication module Hi, I'm happy to let you know that our Java open source portal, named Lutece, now supports OpenID using the latest version of OpenID4Java library. I'm quite sure very few people has heard about this tool, so let me introduce it to you in few words. - Lutece is made by the city of Paris, and runs more than 40 sites (Internet/Intranet/Extranet) of the city - Over 100 French cities or companies are using Lutece - We hope to be a reference plate-form in France for local government entities - The new release 2 is available in English . We hope to have soon overseas users (we have already some Canadians users but French spoken
Hi All, Spec 1.1: 4.4.2 - check_authentication, response parameters include openid.mode / Value = id_res Spec 2.0: 11.4.2.2 - check_authentication, response parameters DO NOT include openid.mode We think Spec 2.0: 11.4.2.2 should include openid.mode Can someone clarify if the spec is wrong or whether it is left out on purpose? Thanks Tom -- -- Tom Calthrop Founding director, Barnraiser. Dedicated to giving people the tools they need to share knowledge and advance society through social software. Web site: http://www.barnraiser.org/ OpenID: http://tom.calthrop.info/
RSS Feed3 | |
|---|---|
2 | |
4 | |
13 | |
3 | |
10 | |
7 | |
12 | |
13 | |
80 | |
4 | |
7 | |
9 | |
13 | |
7 | |
12 | |
32 | |
7 | |
11 | |
23 | |
12 | |
24 | |
23 | |
5 | |
38 | |
20 | |
46 | |
33 | |
45 | |
77 | |
45 | |
23 | |
33 | |
36 | |
22 | |
113 | |
346 | |
220 | |
161 | |
139 | |
180 | |
221 | |
313 | |
445 | |
289 | |
107 | |
335 | |
812 | |
338 | |
576 | |
295 | |
207 | |
161 | |
133 | |
189 | |
217 | |
301 | |
176 | |
151 | |
137 | |
69 | |
110 | |
309 | |
210 | |
287 | |
138 | |
245 | |
265 | |
195 | |
389 | |
629 | |
158 | |
163 | |
400 | |
88 | |
167 | |
56 | |
117 | |
57 | |
161 | |
166 | |
169 | |
136 | |
113 | |
255 | |
72 | |
80 | |
77 | |
281 | |
565 | |
275 |
