All Regions
Argentina
Australia
Austria
Belgium (fr)
Belgium (nl)
Brazil
Bulgaria
Canada (en)
Canada (fr)
Catalonia
Chile
China
Colombia
Croatia
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hong Kong
Hungary
Iceland
India (en)
Indonesia (en)
Ireland
Israel (en)
Italy
Japan
Korea
Latvia
Lithuania
Malaysia (en)
Mexico
Netherlands
New Zealand
Norway
Pakistan (en)
Peru
Philippines (en)
Poland
Portugal
Romania
Russia
Saudi Arabia
Singapore
Slovakia
Slovenia
South Africa
Spain (ca)
Spain (es)
Sweden
Switzerland (de)
Switzerland (fr)
Taiwan
Thailand (en)
Turkey
US (English)
US (Spanish)
Ukraine
United Kingdom
Vietnam (en)
Any Time
Past Day
Past Week
Past Month
Past Year
Providing and Delegating OpenIDs - Will Norris
willnorris.com/2008/providing-and-delegating-openids/
In multi-user, the default configuration, the server supports a feature in
OpenID
2.0 called
OpenID
Provider driven identifier selection. What this means is that ANY user on that blog can enter the home URL as their
OpenID
, and the
OpenID
provider itself will make sure that the correct identifier is returned to the relying party.
Directed Identity vs Identifier Select - Will Norris
willnorris.com/2009/openid-directed-identity-identifier-select/
OpenID
Provider driven identifier selection (or identifier select for short) refers to the ability for a user to enter the URL of their
OpenID
Provider into an
OpenID
field rather than their personal
OpenID
URL. This is a feature of
OpenID
2.0, and will result in an actual user
OpenID
URL being returned to the consuming
site
. ...
A New Kind of OpenID Proxy - Will Norris
willnorris.com/2009/a-new-kind-of-openid-proxy/
The
OpenID
proxy would then combine the user's
OpenID
together with the salt value, and use that to generate the final directed identity that is returned to the relying party. If the proxy were subpoenaed to verify if a given directed identifier belonged to "alice.example.org", it would be unable to do so without also knowing the user ...
WordPress OpenID v3.3 - Will Norris
willnorris.com/2009/wordpress-openid-v3-3/
Second, this release features a new user interface for the integrating
OpenID
into the WordPress comment form. Instead of simply advertising
OpenID
support on the "Website" field, and always attempting
OpenID
authentication, the plugin now detects
OpenID
support for a URL, and gives the user the option to authenticate the comment. This ...
How well does your OpenID Provider stack up? - willnorris.com
willnorris.com/2007/how-well-does-your-openid-provider-stack-up/
There are increasingly more specs in the
OpenID
space, and many of the extensions rely on XRDS documents to publicize support. To help enable that, I've been looking to update my yadis plugin for WordPress to automatically include the correct protocol support for the major
OpenID
Providers. Of course, in order to do that I have to actually find out what all protocols they supported, so I ...
WordPress OpenID v3.0 - Will Norris
willnorris.com/2008/wordpress-openid-v3/
OpenID
Provider - Specific user roles can be given the capability of using the built-in
OpenID
provider, turning their author posts URL into a valid
OpenID
which can be used to login to other
sites
. This includes support for
OpenID
1.0 and 2.0 as well as Simple Registration 1.0, with hooks to add other
OpenID
extensions.
Java OpenID Library Design - Message Handling - Will Norris
willnorris.com/2009/java-openid-library-design-message-handling/
This past June I contracted with Internet2 to work on adding
OpenID
support to the Shibboleth Identity Provider. I had actually started to work on this over a year prior while working at USC. At the time there were (and still are) two primary
OpenID
libraries in Java, Verisign's JOID, and Sxip's OpenID4Java.I spent a fair amount of time looking at both libraries, but ultimately decided ...
Java OpenID Library - Target Audience
willnorris.com/2009/java-openid-library-target-audience/
At its core, this library is an
OpenID
messaging library. It is capable of converting between generic HTTP messages and strongly typed
OpenID
objects that developers can work with. My last two posts have talked about this in detail. The library also provides the additional logic for implementing the
OpenID
specification, things like Diffie ...
The Next Steps with wp-openid - willnorris.com
willnorris.com/2008/the-next-steps-with-wp-openid/
I'm really excited about what's been happening with the WordPress
OpenID
plugin the last couple of weeks. When it's ready to ship, I'm sure I'll do some really deep contemplative post about "how far we've come" or something like that. In the meantime however, I think I've got something that is mostly feature complete and more ...
improving OpenID support
willnorris.com/2007/improving-openid-support/
Sam Alexander of MyVidoop emailed me last week to say that they'd be rolling out some new features in regards to
OpenID
support. Sure enough, you can see on the
OpenID
Support table that they've added support for xrds-header, yadis-html, and most importantly, content-type. Additionally, IDtail, a Korean
OpenID
provider, added support for content-type as well since I last updated the table.
Identity and Identifiers
willnorris.com/2010/identity-and-identifiers/
The most exciting part of all this was that every FreeYourID domain was automatically an
OpenID
, backed by MyOpenID. It was a great example of putting individuals in control of their identity online, and how
OpenID
delegation fit into that picture. Seeing the potential for this,
wp-openid - faster, stronger, better
willnorris.com/2008/wp-openid-faster-stronger-better/
One of the primary focuses for this next major release of wp-
openid
is stability. While most people have had great success with the plugin, there are a fair number that seem to have all kinds of strange problems, ranging from conflicts with other plugins, data corruption, library issues, etc. In order to reach the level of adoption I'd love to see, we have to make this plugin as easy to ...
wp-openid 2.2.0 released - Will Norris
willnorris.com/2008/wp-openid-220-released/
I did however contact the admin of
openid
.pl and we figured out what the problem was. It was a minor bug in wp-
openid
- it was adding a trailing slash to the trust_root URL, but not the return_to URL. Therefore
openid
.pl rightfully detected that the return_to was not under the same path as the trust_root and therefore rejected it.
Java OpenID Library - Configuration and Custom Messages
willnorris.com/2009/java-openid-library-configuration-and-custom-messages/
I previously described how message handling works in the Internet2
OpenID
library, and how each
OpenID
message type requires a half dozen or so classes to handle everything. While this may seem like overkill to some, one of the nice things about this separation of logic is that it makes it quite simple to provide custom implementations of specific kinds of messages.
Comparison of Support among OpenID Providers - Will Norris
willnorris.com/openid-support/
Gone as of December 2013 This page used to display a table comparing the
OpenID
protocol support by some of the more popular
OpenID
providers. The protocols this page tested for are all but dead at this point, and I haven't maintained the list for several years now, so I've taken it down.
OpenID is not a provisioning engine - willnorris.com
willnorris.com/2007/openid-is-not-a-provisioning-engine/
In talking about the future possibilities of
OpenID
2.0 and the Attribute Exchange extension, James Henstridge mentions, Imagine being able to update your shipping address in one place when you move house and having all the online retailers you use receive the updated address immediately. Or changing your email address and having all the bugzilla instances you use pick up the new address ...
Challenges in changing my OpenID - willnorris.com
willnorris.com/2008/challenges-in-changing-my-openid/
This (moving
OpenID
identifiers) is definitely a pain point for
OpenID
today… we need a good, standard solution for this. Stephen Paul Weber December 21, 2008 "For what it's worth, the new work we're doing on metadata discovery with XRD would prevent this problem, since we're moving away from overloading normal HTTP requests where ...
Changes to wp-openid
willnorris.com/2008/changes-to-wp-openid/
Today I committed a few pretty substantial changes to wp-
openid
, changing how the
OpenID
flow happens. Effectively, I've created a new single endpoint which receives all
OpenID
responses, located at /openid_consumer. Previously, these response were sent to a number of different endpoints depending on whether you were simply logging in, leaving a comment, or adding a new
OpenID
to your ...
wp-openid 2.0 released - Will Norris
willnorris.com/2007/wp-openid-20-released/
I've just tagged version 2.0 of wp-
openid
, a WordPress plugin which allows you to use
OpenID
for authenticating users and commenters. There are a number of really cool features we just weren't able to get into this release, so that just means more to come in the next version.
final push for wp-openid 2.0 - willnorris.com
willnorris.com/2007/final-push-for-wp-openid-20/
This morning I committed the one remaining update I was really holding off for in releasing wp-
openid
2.0. Previously, the plugin set a comment type of
openid
for
OpenID
comments, and then used some clever trickery to expose the expected value of comment to the rest of WordPress. Well, almost the rest of WordPress… it still caused some problems with other plugins and such. Even more than ...
Authentication in WordPress 2.8 - willnorris.com
willnorris.com/2009/authentication-in-wordpress-28/
Use Case. I've spent a lot of time working with the WordPress authentication system. I took over the
OpenID
plugin for WordPress two years ago, and was hired by Vidoop last May to work on the DiSo Project full time. Last summer, Matt Mullenweg invited me to talk at WordCamp SF 2008 about OAuth. As you can see in my slidedeck, it was a lot of smoke and mirrors at that point… we didn't ...
hCard is not a provisioning engine (for private data)
willnorris.com/2007/hcard-is-not-a-provisioning-engine-for-private-data/
The one most commonly supported in
OpenID
providers today is the idea of personas - a complete set of attribute values that reflect your online identity within a particular context. You may have a "work" persona that includes your formal name, work email address and website, etc. Separately, you may have a "personal" persona that has ...
The Open Stack (in PHP)
willnorris.com/2009/the-open-stack-in-php/
OpenID
. Let's start with the most mature library we've got. JanRain made a huge name for themselves in the
OpenID
community a couple of years ago by providing open source libraries in a number of different languages, including of course PHP. Like any library, there are a few weird things here and there, but by and large it is an excellent ...
Feedback