Implementing OpenID



  David Recordon                                Brian Ellin
drecordon@verisign.com                       brian@janrain.com


                          Web 2.0 Expo
                         April 15-18, 2007
brief intro...and then
    into the code
What is OpenID?
Single sign-on for the web
Simple and light-weight
(not going to replace your atm pin)

Easy to use and deploy
Open development process
Decentralized
(no single point of failure)

Free!
Proves You Control a URI




www.davidrecordon.com   brianellin.com
the common things we hear
"Been there, done that"

Great for the enterprise     Centralized     Centralized
...but do you really trust them?
With OpenID, you get to
 choose who manages
     your identity.
   (you can even change your mind later)
"This is a geek's toy,
nobody will ever have
    an OpenID!"
~90 million OpenIDs
    (including every AOL user)




                                 OpenID 1.1 - Estimated from various services
"Nobody will ever use this!"
Total Relying Parties (aka places you can use this stuff)
[Chart: number of relying parties over time, Sep '05 to Apr 17th '07; vertical axis 0 to 2,500; event markers include IIW and AOL]
OpenID 1.1 - As viewed by MyOpenID.com
"So that's great there
are so many blogs, but
what about something
        real?"
"What's the big deal?"
OpenID is another
important building
     block.
"Why should we add
OpenID to our feature
        list?"
Simon Willison - FOWA 02/07
TechCrunch and other blogs link to dozens of new
startups each week...readers aren't going to make new
accounts for every single one

Creates ability to email a friend saying, "I've added you
as an author to the blog I setup for our band"

Site specific hacks..."Login with your AOL OpenID and
we'll send you updates over AIM"

If you're not managing passwords, you don't need to
build as complex user management systems

                                                   Simon Willison - FOWA 02/07
How does it work?
    (protocol and flow)
Basic Terminology

OpenID Provider (OP) - Site that makes
assertions about an OpenID
Relying Party (RP) - Site that wants to
verify ownership of an OpenID
DEMO: Using OpenID
DEMO: OpenID Enabling Your Own URL
DEMO: Creating an OpenID with your own server
/* *************************************************************************** *
 * CONFIGURATION
 * *************************************************************************** *
 * You must change these values:
 *   auth_username = login name
 *   auth_password = md5(username:realm:password)
 *
 * Default username = 'test', password = 'test', realm = 'phpMyID'
 */

#$profile = array(
#    'auth_username'   =>    'test',
#    'auth_password'   =>    '37fa04faebe5249023ed1f6cc867329b'
#);

/*
 * Optional - Simple Registration Extension:
 *
 *   If you would like to add any of the following optional registration
 *   parameters to your login profile, simply uncomment the line, and enter the
 *   correct values.
 *
 *   Details on the exact allowed values for these paramters can be found at:
 *   http://openid.net/specs/openid-simple-registration-extension-1_0.html
 */

#$sreg = array (
#    'nickname'        =>   'Joe',
#    'email'           =>   'joe@example.com',
#    'fullname'        =>   'Joe Example',
#    'dob'             =>   '1970-10-31',
#    'gender'          =>   'M',
#    'postcode'        =>   '22000',
#    'country'         =>   'US',
#    'language'        =>   'en',
#    'timezone'        =>   'America/New_York'
#);
Hash My Password
/* *************************************************************************** *
 * CONFIGURATION
 * *************************************************************************** *
 * You must change these values:
 *   auth_username = login name
 *   auth_password = md5(username:realm:password)
 *
 * Default username = 'test', password = 'test', realm = 'phpMyID'
 */

$profile = array(
     'auth_username'   =>    'david',
     'auth_password'   =>    'e0fee9a99fa2fe004bbd70b972a03aa1'
);

/*
 * Optional - Simple Registration Extension:
 *
 *   If you would like to add any of the following optional registration
 *   parameters to your login profile, simply uncomment the line, and enter the
 *   correct values.
 *
 *   Details on the exact allowed values for these paramters can be found at:
 *   http://openid.net/specs/openid-simple-registration-extension-1_0.html
 */

#$sreg = array (
#    'nickname'        =>   'Joe',
#    'email'           =>   'joe@example.com',
#    'fullname'        =>   'Joe Example',
#    'dob'             =>   '1970-10-31',
#    'gender'          =>   'M',
#    'postcode'        =>   '22000',
#    'country'         =>   'US',
#    'language'        =>   'en',
#    'timezone'        =>   'America/New_York'
#);
Configure Profile Data
$profile = array(
     'auth_username'   =>    'david',
     'auth_password'   =>    'e0fee9a99fa2fe004bbd70b972a03aa1'
);

/*
 * Optional - Simple Registration Extension:
 *
 *   If you would like to add any of the following optional registration
 *   parameters to your login profile, simply uncomment the line, and enter the
 *   correct values.
 *
 *   Details on the exact allowed values for these paramters can be found at:
 *   http://openid.net/specs/openid-simple-registration-extension-1_0.html
 */

$sreg = array (
     'nickname'        =>   'daveman692',
     'email'           =>   'recordond@gmail.com',
     'fullname'        =>   'David Recordon',
     'dob'             =>   '1986-09-04',
     'gender'          =>   'M',
     'postcode'        =>   '941458',
     'country'         =>   'US',
     'language'        =>   'en',
     'timezone'        =>   'America/Los_Angeles'
);
Upload
Configure Delegation
                           (source of www.davidrecordon.com)
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>David Recordon</title>
<style>
 div {
         text-align: center;
         color: #C0C0C0;
     }
 img {
         border: 0px;
     }
 a   {
         color: #C0C0C0;
     }
</style>


<link rel="openid.server" href="http://www.davidrecordon.com/myid.php" />
<link rel="openid.delegate" href="http://www.davidrecordon.com/myid.php" />
</head>
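The discovery step a relying party runs against a page like the one above, as an added Ruby example (not from the slides or from the ruby-openid library): it reads `openid.server` and `openid.delegate` only from `<head>`, so markup in the page body cannot name a provider, and it keys the account on the URL the user typed rather than on the delegate. The regex-based parsing and the names `discover_openid_links` and `plan_login` are assumptions for illustration.

```ruby
require 'uri'

# Constructed sample: the delegation links from the slide, plus a <link>
# in the body of the kind that user-supplied markup could introduce.
SAMPLE_PAGE = <<~HTML
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <title>David Recordon</title>
  <link rel="openid.server" href="http://www.davidrecordon.com/myid.php" />
  <link rel="openid.delegate" href="http://www.davidrecordon.com/myid.php" />
  </head>
  <body>
  <link rel="openid.server" href="http://other.example/op" />
  </body>
  </html>
HTML

# Return the value as an absolute http(s) URL, or nil for anything else
# (relative paths, javascript:, file:, malformed input).
def http_url(value)
  uri = URI.parse(value.to_s.strip)
  return nil unless uri.is_a?(URI::HTTP) && !uri.host.to_s.empty?
  uri.to_s
rescue URI::InvalidURIError
  nil
end

# Collect the first openid.server and openid.delegate links found inside
# <head>. Anything outside <head> is ignored on purpose.
def discover_openid_links(html)
  head = html[/<head\b[^>]*>(.*?)<\/head>/mi, 1]
  return {} unless head

  found = {}
  head.scan(/<link\b([^>]*)>/i).each do |match|
    pairs = match[0].scan(/([\w:.-]+)\s*=\s*(?:"([^"]*)"|'([^']*)')/)
    attrs = pairs.each_with_object({}) { |(k, dq, sq), h| h[k.downcase] = dq || sq }
    rels = attrs.fetch('rel', '').downcase.split
    url = http_url(attrs['href'])
    next unless url

    found[:server] ||= url if rels.include?('openid.server')
    found[:delegate] ||= url if rels.include?('openid.delegate')
  end
  found
end

# Decide what to do with the URL the user typed (the claimed identifier).
# Returns nil when the page names no usable provider.
def plan_login(claimed_id, html)
  links = discover_openid_links(html)
  return nil unless links[:server]

  {
    provider: links[:server],
    # The provider is asked about the delegate when one is declared...
    identity_sent_to_provider: links[:delegate] || claimed_id,
    # ...but the local account stays tied to the URL the user controls.
    account_key: claimed_id
  }
end
```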
Done!
Time to configure and upload phpMyID:

            <5 minutes
    http://siege.org/projects/phpMyID/
DEMO: OpenID Enabling ExpoCal
http://cal.web2expo.com/

Existing users: Sign in and click the "add OpenID" link at the top right

New users: Click "login" and sign in with your OpenID,
skipping the signup process :)
Tools Used

iCalico by Kellan Elliott-McCrea and Evan Henshaw-Plath
Ruby and Rails
gem install ruby-openid
ExpoCal User Model
Stores login name and hashed password
We need to add an optional OpenID column

class AddOpenId < ActiveRecord::Migration
  def self.up
    add_column :users, :openid, :string
    add_index :users, [:openid], :name => :users_openid_index
  end

  def self.down
    remove_column :users, :openid
  end
end
Using the OpenID Library
def consumer
  store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
  store = OpenID::FilesystemStore.new(store_dir)
  return OpenID::Consumer.new(session, store)
end




  FilesystemStore saved OpenID transaction state
  OpenID::Consumer handles the protocol details
Add OpenID UI

<h2>Or, login with OpenID</h2>
<%= start_form_tag(:controller=>'account', :action => 'openid_start') %>
  <p><label for="openid_identifier">OpenID</label><br/>
  <%= text_field_tag 'openid_identifier' %></p>
  <%= submit_tag 'OpenID Login' %>
<%= end_form_tag %>

<input name="openid_identifier" />
Handle Login Form Submit
def openid_start
  # Look up the provider for the identifier the user typed
  openid_request = consumer.begin(params[:openid_identifier])

  case openid_request.status
  when OpenID::SUCCESS
    return_to = url_for(:action => 'openid_finish')
    trust_root = url_for(:controller => '')
    # Send the browser to the provider; it comes back at return_to
    server_redirect_url = openid_request.redirect_url(trust_root, return_to)
    redirect_to(server_redirect_url)

  when OpenID::FAILURE
    flash[:notice] = "Could not find your OpenID server."
    redirect_back_or_default(:controller => '/account', :action => 'index')

  end
end


1. Discover
2. Associate
3. Redirect
(we'll handle the server response at the return_to URL)
Redirect to OpenID Provider
Handle Server Response
def openid_finish
  # Let the library check the provider's response
  openid_response = consumer.complete(params)

  case openid_response.status
  when OpenID::SUCCESS
    openid = openid_response.identity_url
    @user = User.find_by_openid(openid)

    # First login with this OpenID: create the account
    unless @user
      @user = User.create(:openid => openid, :login => openid)
    end
    self.current_user = @user
    flash[:notice] = "Welcome #{@user.openid}"

  when OpenID::FAILURE
    flash[:notice] = 'Verification failed.'
  end

  redirect_back_or_default(:controller => 'talk', :action => 'list')
end
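What "handles the protocol details" covers when the response arrives, as an added Ruby example rather than code from the slides or from ruby-openid: checking the provider's HMAC-SHA1 signature on an OpenID 1.1 `id_res` response with the MAC key agreed during association. The key, the return_to path and the function names are constructed for illustration, and the rule that `identity` and `return_to` must appear in the signed list is this example's policy.

```ruby
require 'openssl'

# Fields this relying party insists the provider signed (example policy).
REQUIRED_SIGNED = %w[identity return_to].freeze

# Constructed values standing in for the association and the RP's own URL.
SAMPLE_KEY = 'constructed-mac-key!'
SAMPLE_RETURN_TO = 'http://cal.web2expo.com/account/openid_finish'

# OpenID 1.1 signs key-value text: one "field:value\n" line per entry of
# openid.signed, in the order the list gives them.
def token_contents(params, signed_fields)
  signed_fields.map { |f| "#{f}:#{params.fetch("openid.#{f}")}\n" }.join
end

# Base64 of HMAC-SHA1 over the token contents.
def sign(params, signed_fields, mac_key)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA1'), mac_key,
                             token_contents(params, signed_fields))
  [mac].pack('m0')
end

# Compare without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns :ok or a symbol naming the first check that failed.
def verify_id_res(params, mac_key, expected_return_to)
  return :wrong_mode unless params['openid.mode'] == 'id_res'

  signed = params.fetch('openid.signed', '').split(',')
  # An unsigned identity could be swapped in transit without detection.
  return :unsigned_field unless (REQUIRED_SIGNED - signed).empty?
  return :missing_field unless signed.all? { |f| params.key?("openid.#{f}") }

  expected = sign(params, signed, mac_key)
  return :bad_signature unless secure_equal?(expected, params.fetch('openid.sig', ''))

  # The response must be addressed to the URL this site asked for.
  return :return_to_mismatch unless params['openid.return_to'] == expected_return_to
  :ok
end

# Constructed sample response, signed the way a provider would sign it.
def sample_response
  params = {
    'openid.mode' => 'id_res',
    'openid.identity' => 'http://www.davidrecordon.com/myid.php',
    'openid.return_to' => SAMPLE_RETURN_TO,
    'openid.assoc_handle' => 'constructed-handle',
    'openid.signed' => 'mode,identity,return_to'
  }
  params['openid.sig'] = sign(params, %w[mode identity return_to], SAMPLE_KEY)
  params
end
```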
Done!
Time to implement OpenID in iCalico:

           45 minutes
       http://cal.web2expo.com/
"So this all looks great,
   but what are the
     downsides?"
Kitten Overload!
More kittens!
Simon Willison - FOWA 02/07

Kitten Overload!
FAKE   More kittens!
Simon Willison - FOWA 02/07

Kitten Overload!
FAKE   Identity theft! :'(
Simon Willison - FOWA 02/07
You could just remove passwords
Client Side Certs
Microsoft CardSpace




       (UI for certs)
Vidoop




(changing the metaphor)
...but passwords are still
       widely used
VeriSign's OpenID Seatbelt
         (demoing today)
OpenID is great for innovation!
   (authentication method is up to the provider and user)
"I don't want just one
identity...I mean I don't
want my boss to know
      I'm a furry!"
Well you don't wear your
furry suit to work do you?
So use multiple OpenIDs!
  (you already do this with email addresses today)
Go code!
(and join the conversation at OpenID.net)
Thanks!
           (and don't forget to grab a CD)




  David Recordon                       Brian Ellin
drecordon@verisign.com              brian@janrain.com

GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
Claudio Di Ciccio
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 

Recently uploaded (20)

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”“I’m still / I’m still / Chaining from the Block”
“I’m still / I’m still / Chaining from the Block”
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
 

Implementing OpenID

  • 1. Implementing David Recordon Brian Ellin drecordon@verisign.com brian@janrain.com Web 2.0 Expo April 15-18, 2007
  • 2. brief intro...and then into the code
  • 3. What is OpenID? Single sign-on for the web Simple and light-weight (not going to replace your atm pin) Easy to use and deploy Open development process Decentralized (no single point of failure) Free!
  • 4. Proves You Control a URI www.davidrecordon.com brianellin.com
  • 7. "Been there, done that" Great for the enterprise / Centralized / Centralized
  • 8. ...but do you really trust them?
  • 9.
  • 10. With OpenID, you get to choose who manages your identity. (you can even change your mind later)
  • 11. "This is a geek's toy, nobody will ever have an OpenID!"
  • 12. ~90 million OpenIDs (including every AOL user) OpenID 1.1 - Estimated from various services
  • 13. "Nobody will ever use this!"
  • 14. Total Relying Parties (aka places you can use this stuff) [chart: number of relying parties by month, y-axis 0 to 2,500, x-axis from '05 to April 17th '07, annotated with events] OpenID 1.1 - As viewed by MyOpenID.com
  • 15. "So that's great there are so many blogs, but what about something real?"
  • 16.
  • 17.
  • 18.
  • 19.
  • 20. "What's the big deal?"
  • 21. OpenID is another important building block.
  • 22. "Why should we add OpenID to our feature list?"
  • 23. Simon Willison - FOWA 02/07
  • 24. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Simon Willison - FOWA 02/07
  • 25. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Creates ability to email a friend saying, "I've added you as an author to the blog I set up for our band" Simon Willison - FOWA 02/07
  • 26. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Creates ability to email a friend saying, "I've added you as an author to the blog I set up for our band" Site specific hacks..."Login with your AOL OpenID and we'll send you updates over AIM" Simon Willison - FOWA 02/07
  • 27. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Creates ability to email a friend saying, "I've added you as an author to the blog I set up for our band" Site specific hacks..."Login with your AOL OpenID and we'll send you updates over AIM" If you're not managing passwords, you don't need to build as complex user management systems Simon Willison - FOWA 02/07
  • 28. How does it work? (protocol and flow)
  • 29. Basic Terminology OpenID Provider (OP) - Site that makes assertions about an OpenID Relying Party (RP) - Site that wants to verify ownership of an OpenID
  • 30. DEMO: Using OpenID
  • 31. DEMO: OpenID Enabling Your Own URL
  • 32. DEMO: Creating an OpenID with your own server
  • 33.
  • 34.
      /*
       * ***************************************************************************
       * CONFIGURATION
       * ***************************************************************************
       *
       * You must change these values:
       *   auth_username = login name
       *   auth_password = md5(username:realm:password)
       *
       * Default username = 'test', password = 'test', realm = 'phpMyID'
       */
      #$profile = array(
      #  'auth_username' => 'test',
      #  'auth_password' => '37fa04faebe5249023ed1f6cc867329b'
      #);

      /*
       * Optional - Simple Registration Extension:
       *
       * If you would like to add any of the following optional registration
       * parameters to your login profile, simply uncomment the line, and enter the
       * correct values.
       *
       * Details on the exact allowed values for these parameters can be found at:
       * http://openid.net/specs/openid-simple-registration-extension-1_0.html
       */
      #$sreg = array (
      #  'nickname' => 'Joe',
      #  'email' => 'joe@example.com',
      #  'fullname' => 'Joe Example',
      #  'dob' => '1970-10-31',
      #  'gender' => 'M',
      #  'postcode' => '22000',
      #  'country' => 'US',
      #  'language' => 'en',
      #  'timezone' => 'America/New_York'
      #);
  • 36.
      /*
       * ***************************************************************************
       * CONFIGURATION
       * ***************************************************************************
       *
       * You must change these values:
       *   auth_username = login name
       *   auth_password = md5(username:realm:password)
       *
       * Default username = 'test', password = 'test', realm = 'phpMyID'
       */
      $profile = array(
        'auth_username' => 'david',
        'auth_password' => 'e0fee9a99fa2fe004bbd70b972a03aa1'
      );

      /*
       * Optional - Simple Registration Extension:
       *
       * If you would like to add any of the following optional registration
       * parameters to your login profile, simply uncomment the line, and enter the
       * correct values.
       *
       * Details on the exact allowed values for these parameters can be found at:
       * http://openid.net/specs/openid-simple-registration-extension-1_0.html
       */
      #$sreg = array (
      #  'nickname' => 'Joe',
      #  'email' => 'joe@example.com',
      #  'fullname' => 'Joe Example',
      #  'dob' => '1970-10-31',
      #  'gender' => 'M',
      #  'postcode' => '22000',
      #  'country' => 'US',
      #  'language' => 'en',
      #  'timezone' => 'America/New_York'
      #);
  • 37. Configure Profile Data
      $profile = array(
        'auth_username' => 'david',
        'auth_password' => 'e0fee9a99fa2fe004bbd70b972a03aa1'
      );

      /*
       * Optional - Simple Registration Extension:
       *
       * If you would like to add any of the following optional registration
       * parameters to your login profile, simply uncomment the line, and enter the
       * correct values.
       *
       * Details on the exact allowed values for these parameters can be found at:
       * http://openid.net/specs/openid-simple-registration-extension-1_0.html
       */
      $sreg = array (
        'nickname' => 'daveman692',
        'email' => 'recordond@gmail.com',
        'fullname' => 'David Recordon',
        'dob' => '1986-09-04',
        'gender' => 'M',
        'postcode' => '941458',
        'country' => 'US',
        'language' => 'en',
        'timezone' => 'America/Los_Angeles'
      );
  • 39. Configure Delegation (source of www.davidrecordon.com)
      <html xmlns="http://www.w3.org/1999/xhtml">
      <head>
        <title>David Recordon</title>
        <style>
          div { text-align: center; color: #C0C0C0; }
          img { border: 0px; }
          a { color: #C0C0C0; }
        </style>
        <link rel="openid.server" href="http://www.davidrecordon.com/myid.php" />
        <link rel="openid.delegate" href="http://www.davidrecordon.com/myid.php" />
      </head>
  • 40. Done! Time to configure and upload phpMyID: <5 minutes http://siege.org/projects/phpMyID/
  • 41. DEMO: OpenID Enabling ExpoCal http://cal.web2expo.com/ Existing users: Sign in and click the "add OpenID" link at the top right. New users: Click "login" and sign in with your OpenID, skipping the signup process :)
  • 42. Tools Used: iCalico by Kellan Elliott-McCrea and Evan Henshaw-Plath; Ruby and Rails; gem install ruby-openid
  • 43. ExpoCal User Model
    Stores login name and hashed password
    We need to add an optional OpenID column
      class AddOpenId < ActiveRecord::Migration
        # Add a nullable openid column and an index for lookups by OpenID.
        def self.up
          add_column :users, :openid, :string
          add_index :users, [:openid], :name => :users_openid_index
        end

        def self.down
          remove_column :users, :openid
        end
      end
  • 44. Using the OpenID Library
      # Needed at the top of the controller file for the helper below.
      require 'pathname'
      require 'openid'

      def consumer
        store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
        store = OpenID::FilesystemStore.new(store_dir)
        return OpenID::Consumer.new(session, store)
      end
    FilesystemStore saves OpenID transaction state
    OpenID::Consumer handles the protocol details
  • 45. Add OpenID UI
      <h2>Or, login with OpenID</h2>
      <%= start_form_tag(:controller=>'account', :action => 'openid_start') %>
        <p><label for="openid_identifier">OpenID</label><br/>
        <%= text_field_tag 'openid_identifier' %></p>
        <%= submit_tag 'OpenID Login' %>
      <%= end_form_tag %>
    <input name="openid_identifier" />
  • 46. Handle Login Form Submit
      def openid_start
        openid_request = consumer.begin(params[:openid_identifier])

        case openid_request.status
        when OpenID::SUCCESS
          return_to = url_for(:action => 'openid_finish')
          trust_root = url_for(:controller => '')
          server_redirect_url = openid_request.redirect_url(trust_root, return_to)
          redirect_to(server_redirect_url)

        when OpenID::FAILURE
          flash[:notice] = "Could not find your OpenID server."
          redirect_back_or_default(:controller => '/account', :action => 'index')

        end
      end
    1. Discover 2. Associate 3. Redirect (we’ll handle the server response at the return_to URL)
  • 48. Handle Server Response
      def openid_finish
        openid_response = consumer.complete(params)

        case openid_response.status
        when OpenID::SUCCESS
          openid = openid_response.identity_url
          @user = User.find_by_openid(openid)

          unless @user
            @user = User.create(:openid => openid, :login => openid)
          end
          self.current_user = @user
          flash[:notice] = "Welcome #{@user.openid}"

        when OpenID::FAILURE
          flash[:notice] = 'Verification failed.'
        end

        redirect_back_or_default(:controller => 'talk', :action => 'list')
      end
  • 49. Done! Time to implement OpenID in iCalico: 45 minutes http://cal.web2expo.com/
  • 50. "So this all looks great, but what are the downsides?"
  • 51. Kitten Overload! More kittens! Simon Willison - FOWA 02/07
  • 52. Kitten Overload! FAKE More kittens! Simon Willison - FOWA 02/07
  • 53. Kitten Overload! Identity theft! FAKE :'( Simon Willison - FOWA 02/07
  • 54. You could just remove passwords
  • 56. Microsoft CardSpace (UI for certs)
  • 58. ...but passwords are still widely used
  • 59. VeriSign's OpenID Seatbelt (demoing today)
  • 60.
  • 61.
  • 62.
  • 63.
  • 64. OpenID is great for innovation! (authentication method is up to the provider and user)
  • 65. "I don't want just one identity...I mean I don't want my boss to know I'm a furry!"
  • 66. Well you don't wear your furry suit to work do you?
  • 67. So use multiple OpenIDs! (you already do this with email addresses today)
  • 68. Go code! (and join the conversation at OpenID.net)
  • 69. Thanks! (and don't forget to grab a CD) David Recordon Brian Ellin drecordon@verisign.com brian@janrain.com
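
The "Discover" step on slide 46 reads the two `<link>` tags configured on slide 39. The Ruby below is an added example, not code from the slides or from ruby-openid: `link_rels`, `discover` and `identity_for_provider` are hypothetical names and the second sample page is constructed. It honours tags only inside `<head>`, as OpenID 1.1 requires, so a tag that ends up in body content is ignored.

```ruby
require 'uri'

Discovery = Struct.new(:claimed_id, :server, :delegate)

# Head of www.davidrecordon.com as shown on slide 39 (style block omitted).
SLIDE_39_PAGE = <<~HTML
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head>
  <title>David Recordon</title>
  <link rel="openid.server" href="http://www.davidrecordon.com/myid.php" />
  <link rel="openid.delegate" href="http://www.davidrecordon.com/myid.php" />
  </head>
HTML

# Constructed page: the only openid.server tag sits in the body.
BODY_ONLY_PAGE = <<~HTML
  <html><head><title>Blog</title></head>
  <body><link rel="openid.server" href="http://other.example/server" /></body></html>
HTML

# Map each rel value to its href, looking only at <link> tags inside <head>.
def link_rels(html)
  head = html[/<head\b.*?<\/head>/mi]
  return Hash.new if head.nil?
  head.scan(/<link\b[^>]*>/i).each_with_object({}) do |tag, found|
    attrs = tag.scan(/([\w.:-]+)\s*=\s*(["'])(.*?)\2/m)
               .map { |name, _quote, value| [name.downcase, value] }.to_h
    next unless attrs['rel'] && attrs['href']
    # rel may hold several space-separated values; the first tag wins.
    attrs['rel'].downcase.split.each { |rel| found[rel] ||= attrs['href'] }
  end
end

# Accept only absolute http/https URLs with a host.
def http_url?(value)
  uri = URI.parse(value)
  uri.is_a?(URI::HTTP) && !uri.host.to_s.empty?
rescue URI::InvalidURIError
  false
end

# Returns a Discovery, or nil when the page does not name a usable server.
def discover(claimed_id, html)
  rels = link_rels(html)
  server = rels['openid.server']
  return nil unless server && http_url?(server)
  delegate = rels['openid.delegate']
  return nil if delegate && !http_url?(delegate)
  Discovery.new(claimed_id, server, delegate)
end

# The provider is asked about the delegate when one is set; the local account
# is still keyed on claimed_id, the URL the user typed.
def identity_for_provider(discovery)
  discovery.delegate || discovery.claimed_id
end

if __FILE__ == $PROGRAM_NAME
  p discover('http://www.davidrecordon.com/', SLIDE_39_PAGE)
  p discover('http://blog.example/', BODY_ONLY_PAGE)
end
```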
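
Slide 48 logs the user in as soon as `consumer.complete(params)` reports success, so everything rests on the checks behind that call. The Ruby below is an added example, not the ruby-openid implementation, showing those checks for an OpenID 1.1 response signed with an HMAC-SHA1 association; all function names, the association hash, the URLs and the key are constructed for illustration.

```ruby
require 'openssl'
require 'base64'

# Fields this relying party insists the signature covers (a policy choice of
# this example; the provider chooses what it lists in openid.signed).
REQUIRED_SIGNED = %w[identity return_to].freeze

# OpenID 1.1 signs "key:value\n" lines, one per field named in openid.signed,
# with field names written without the "openid." prefix.
def token_contents(params, signed_fields)
  signed_fields.map { |f| "#{f}:#{params.fetch("openid.#{f}")}\n" }.join
end

def sign(params, signed_fields, mac_key)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA1'), mac_key,
                             token_contents(params, signed_fields))
  Base64.strict_encode64(mac)
end

# Compare without stopping at the first differing byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns [true, identity] or [false, reason].
def verify_id_res(params, associations, expected_return_to)
  return [false, 'not a positive assertion'] unless params['openid.mode'] == 'id_res'
  mac_key = associations[params['openid.assoc_handle']]
  # Without a stored association an OpenID 1.1 relying party has to ask the
  # provider directly (check_authentication); this example simply refuses.
  return [false, 'unknown association'] if mac_key.nil?
  signed = params.fetch('openid.signed', '').split(',')
  missing = REQUIRED_SIGNED - signed
  return [false, "unsigned: #{missing.join(',')}"] unless missing.empty?
  return [false, 'signed field absent'] unless signed.all? { |f| params.key?("openid.#{f}") }
  return [false, 'return_to mismatch'] unless params['openid.return_to'] == expected_return_to
  expected_sig = sign(params, signed, mac_key)
  return [false, 'bad signature'] unless secure_equal?(expected_sig, params['openid.sig'].to_s)
  [true, params['openid.identity']]
end

# Constructed provider response, signed the way a provider would sign it.
def constructed_assertion(mac_key)
  fields = {
    'openid.mode' => 'id_res',
    'openid.identity' => 'http://op.example/myid.php',
    'openid.return_to' => 'http://rp.example/account/openid_finish',
    'openid.assoc_handle' => 'constructed-handle',
    'openid.signed' => 'mode,identity,return_to'
  }
  fields.merge('openid.sig' => sign(fields, %w[mode identity return_to], mac_key))
end

if __FILE__ == $PROGRAM_NAME
  key = 'k' * 20 # constructed 20-byte MAC key
  store = { 'constructed-handle' => key }
  p verify_id_res(constructed_assertion(key), store,
                  'http://rp.example/account/openid_finish')
end
```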