The "Consistent Identity Project"

Posted by Trejkaz Thu, 24 Aug 2006 23:51:00 GMT

Those of you who know me from Jabber-related projects will probably have noticed that I dumped everyone from my main roster and moved you all to my newer, “official business” Jabber ID. I’ve also been routinely moving all semi-work-related mail to the respective email address.

I guess now people will be able to cope with my mail address and Jabber ID as the new ones are much easier to remember. :-)

Next I want to move my Jabber-related software projects over to my other domain, but that’s going to take a little time because I’ll have to tinker with the source files and copyright notices too. No fun… I wonder if there is some way that I can omit copyright notices and have Subversion add them automatically when the files are checked out. That would be grand.


OpenID is Just Too Easy

Posted by Trejkaz Sat, 12 Aug 2006 14:47:00 GMT

First, I should add a little background for people not already in the know.

OpenID is a decentralised identity system, the general idea being that different sites can authenticate with each other, so that as a user, you need only ever log in to a single web site. It has been designed to keep things simple, at least from the user’s point of view. Although a lot of clever cryptography happens under the hood, the user is never exposed to it (although concerned users can certainly go and read the specs if they are worried about how it’s implemented).

The protocol was created by Brad Fitzpatrick of LiveJournal fame, and indeed, LiveJournal was the first major service to support the protocol.

Whereas protocols such as Passel may be more flexible by supporting proof of identity using multiple means – whether it be email, instant messaging, or whatever – OpenID has the immediate benefit of being implementable today, without modifying the web browser itself.

A while back, there was mention on the Typo mailing list that someone was adding support for users to authenticate using OpenID when leaving comments on the weblog. There was also some talk about how awesome it would be if Typo could also act as an OpenID server in its own right. It would mean that every separate deployment of Typo would have its own OpenID service built-in – this is the sort of true decentralisation which OpenID was designed to permit.

But instead of waiting until the code ended up in Typo, I was actually considering setting up my own OpenID service. If I put it on some sensibly-chosen URL, it may even turn out to be the same as the URL Typo came up with. One such URL might be http://trypticon.org/users/trejkaz, which might also serve as a page showing the user’s profile and contact information – it may even list articles written by that user. If I were to set up a server, then as Typo weblogs started rolling out support for OpenID commenting, I would be able to use the feature on other people’s blogs without having to wait for the server to be implemented in Typo itself (a much more complex task, or so I’m led to believe.)

Unfortunately, it turned out to be a bit difficult to set one up because when I went looking, there was no simple, ready-to-use OpenID server that I could find bundled up in a friendly fashion. But the good news is, I discovered that you can achieve the same sort of effect with much less work, and all you have to do is sacrifice some of the decentralised nature of the service.

I’ll present my guide to getting this working as a tutorial in three steps. It’s much easier than you might imagine.
