All Regions
Argentina
Australia
Austria
Belgium (fr)
Belgium (nl)
Brazil
Bulgaria
Canada (en)
Canada (fr)
Catalonia
Chile
China
Colombia
Croatia
Czech Republic
Denmark
Estonia
Finland
France
Germany
Greece
Hong Kong
Hungary
Iceland
India (en)
Indonesia (en)
Ireland
Israel (en)
Italy
Japan
Korea
Latvia
Lithuania
Malaysia (en)
Mexico
Netherlands
New Zealand
Norway
Pakistan (en)
Peru
Philippines (en)
Poland
Portugal
Romania
Russia
Saudi Arabia
Singapore
Slovakia
Slovenia
South Africa
Spain (ca)
Spain (es)
Sweden
Switzerland (de)
Switzerland (fr)
Taiwan
Thailand (en)
Turkey
US (English)
US (Spanish)
Ukraine
United Kingdom
Vietnam (en)
Any Time
Past Day
Past Week
Past Month
Past Year
Providing and Delegating OpenIDs - Will Norris
willnorris.com/2008/providing-and-delegating-openids/
In multi-user, the default configuration, the server supports a feature in
OpenID
2.0 called
OpenID
Provider driven identifier selection. What this means is that ANY user on that blog can enter the home URL as their
OpenID
, and the
OpenID
provider itself will make sure that the correct identifier is returned to the relying party.
Directed Identity vs Identifier Select - Will Norris
willnorris.com/2009/openid-directed-identity-identifier-select/
OpenID
Provider driven identifier selection (or identifier select for short) refers to the ability for a user to enter the URL of their
OpenID
Provider into an
OpenID
field rather than their personal
OpenID
URL. This is a feature of
OpenID
2.0, and will result in an actual user
OpenID
URL being returned to the consuming
site
. ...
A New Kind of OpenID Proxy - Will Norris
willnorris.com/2009/a-new-kind-of-openid-proxy/
The
OpenID
proxy would then combine the user's
OpenID
together with the salt value, and use that to generate the final directed identity that is returned to the relying party. If the proxy were subpoenaed to verify if a given directed identifier belonged to "alice.example.org", it would be unable to do so without also knowing the user ...
WordPress OpenID v3.0 - Will Norris
willnorris.com/2008/wordpress-openid-v3/
OpenID
Provider - Specific user roles can be given the capability of using the built-in
OpenID
provider, turning their author posts URL into a valid
OpenID
which can be used to login to other
sites
. This includes support for
OpenID
1.0 and 2.0 as well as Simple Registration 1.0, with hooks to add other
OpenID
extensions.
WordPress OpenID v3.3 - Will Norris
willnorris.com/2009/wordpress-openid-v3-3/
Second, this release features a new user interface for the integrating
OpenID
into the WordPress comment form. Instead of simply advertising
OpenID
support on the "Website" field, and always attempting
OpenID
authentication, the plugin now detects
OpenID
support for a URL, and gives the user the option to authenticate the comment. This ...
Java OpenID Library - Configuration and Custom Messages
willnorris.com/2009/java-openid-library-configuration-and-custom-messages/
I previously described how message handling works in the Internet2
OpenID
library, and how each
OpenID
message type requires a half dozen or so classes to handle everything. While this may seem like overkill to some, one of the nice things about this separation of logic is that it makes it quite simple to provide custom implementations of specific kinds of messages.
wp-openid 2.2.0 released - Will Norris
willnorris.com/2008/wp-openid-220-released/
I did however contact the admin of
openid
.pl and we figured out what the problem was. It was a minor bug in wp-
openid
- it was adding a trailing slash to the trust_root URL, but not the return_to URL. Therefore
openid
.pl rightfully detected that the return_to was not under the same path as the trust_root and therefore rejected it.
How well does your OpenID Provider stack up? - willnorris.com
willnorris.com/2007/how-well-does-your-openid-provider-stack-up/
There are increasingly more specs in the
OpenID
space, and many of the extensions rely on XRDS documents to publicize support. To help enable that, I've been looking to update my yadis plugin for WordPress to automatically include the correct protocol support for the major
OpenID
Providers. Of course, in order to do that I have to actually find out what all protocols they supported, so I ...
Java OpenID Library - Target Audience
willnorris.com/2009/java-openid-library-target-audience/
At its core, this library is an
OpenID
messaging library. It is capable of converting between generic HTTP messages and strongly typed
OpenID
objects that developers can work with. My last two posts have talked about this in detail. The library also provides the additional logic for implementing the
OpenID
specification, things like Diffie ...
Java OpenID Library Design - Message Handling - Will Norris
willnorris.com/2009/java-openid-library-design-message-handling/
This past June I contracted with Internet2 to work on adding
OpenID
support to the Shibboleth Identity Provider. I had actually started to work on this over a year prior while working at USC. At the time there were (and still are) two primary
OpenID
libraries in Java, Verisign's JOID, and Sxip's OpenID4Java.I spent a fair amount of time looking at both libraries, but ultimately decided ...
The Next Steps with wp-openid - willnorris.com
willnorris.com/2008/the-next-steps-with-wp-openid/
I'm really excited about what's been happening with the WordPress
OpenID
plugin the last couple of weeks. When it's ready to ship, I'm sure I'll do some really deep contemplative post about "how far we've come" or something like that. In the meantime however, I think I've got something that is mostly feature complete and more ...
OpenID is not a provisioning engine - willnorris.com
willnorris.com/2007/openid-is-not-a-provisioning-engine/
In talking about the future possibilities of
OpenID
2.0 and the Attribute Exchange extension, James Henstridge mentions, Imagine being able to update your shipping address in one place when you move house and having all the online retailers you use receive the updated address immediately. Or changing your email address and having all the bugzilla instances you use pick up the new address ...
improving OpenID support
willnorris.com/2007/improving-openid-support/
Sam Alexander of MyVidoop emailed me last week to say that they'd be rolling out some new features in regards to
OpenID
support. Sure enough, you can see on the
OpenID
Support table that they've added support for xrds-header, yadis-html, and most importantly, content-type. Additionally, IDtail, a Korean
OpenID
provider, added support for content-type as well since I last updated the table.
OpenID and WordPress Core - willnorris.com
willnorris.com/2009/openid-and-wordpress-core/
The
OpenID
plugin is pretty popular, but it is far from having the critical mass that would justify inclusion in core. I am a firm believer that WordPress should by no means try and include every cool feature under the sun in core. It would quickly grow out of control. I do believe, however, that the appropriate hooks should be provided in core ...
wp-openid - faster, stronger, better
willnorris.com/2008/wp-openid-faster-stronger-better/
One of the primary focuses for this next major release of wp-
openid
is stability. While most people have had great success with the plugin, there are a fair number that seem to have all kinds of strange problems, ranging from conflicts with other plugins, data corruption, library issues, etc. In order to reach the level of adoption I'd love to see, we have to make this plugin as easy to ...
Comparison of Support among OpenID Providers - Will Norris
willnorris.com/openid-support/
Gone as of December 2013 This page used to display a table comparing the
OpenID
protocol support by some of the more popular
OpenID
providers. The protocols this page tested for are all but dead at this point, and I haven't maintained the list for several years now, so I've taken it down.
OpenID provider wish-list
willnorris.com/2007/openid-provider-wish-list/
Here is a short list of items I came up with that I'd like to see in an
OpenID
provider, roughly in priority order. A number of them are already addressed by one or more existing providers, while several are not. SSL - not having SSL is an immediate deal breaker. If my password or my personal information is going over the wire, it sure as ...
wp-openid intelligent defaults
willnorris.com/2007/wp-openid-intelligent-defaults/
add
OpenID
to login form - Previously, it was configurable whether you wanted the
OpenID
field to be added to the login form on wp-login.php. It is now always displayed, and the reasoning somewhat relates to the previous option. Since wp-
openid
completely honors the "anyone can register" option, there is no harm in displaying the
OpenID
...
final push for wp-openid 2.0 - willnorris.com
willnorris.com/2007/final-push-for-wp-openid-20/
This morning I committed the one remaining update I was really holding off for in releasing wp-
openid
2.0. Previously, the plugin set a comment type of
openid
for
OpenID
comments, and then used some clever trickery to expose the expected value of comment to the rest of WordPress. Well, almost the rest of WordPress… it still caused some problems with other plugins and such. Even more than ...
wp-openid 2.0 released - Will Norris
willnorris.com/2007/wp-openid-20-released/
I've just tagged version 2.0 of wp-
openid
, a WordPress plugin which allows you to use
OpenID
for authenticating users and commenters. There are a number of really cool features we just weren't able to get into this release, so that just means more to come in the next version.
Authentication in WordPress 2.8 - willnorris.com
willnorris.com/2009/authentication-in-wordpress-28/
Use Case. I've spent a lot of time working with the WordPress authentication system. I took over the
OpenID
plugin for WordPress two years ago, and was hired by Vidoop last May to work on the DiSo Project full time. Last summer, Matt Mullenweg invited me to talk at WordCamp SF 2008 about OAuth. As you can see in my slidedeck, it was a lot of smoke and mirrors at that point… we didn't ...
hCard is not a provisioning engine (for private data)
willnorris.com/2007/hcard-is-not-a-provisioning-engine-for-private-data/
The one most commonly supported in
OpenID
providers today is the idea of personas - a complete set of attribute values that reflect your online identity within a particular context. You may have a "work" persona that includes your formal name, work email address and website, etc. Separately, you may have a "personal" persona that has ...
The Open Stack (in PHP)
willnorris.com/2009/the-open-stack-in-php/
OpenID
. Let's start with the most mature library we've got. JanRain made a huge name for themselves in the
OpenID
community a couple of years ago by providing open source libraries in a number of different languages, including of course PHP. Like any library, there are a few weird things here and there, but by and large it is an excellent ...
Feedback