Technology Preview: Feide OpenID
All users that have a Feide ID, can now use their ID with OpenID service providers.
Currently, the Feide OpenID interface is not official in the sense that we cannot guarantee anything. We appreciate if end-users test the service and gives us feedback on how it works, if it works and what feature to implement next.
The Feide OpenID interface supports authentication with OpenID 1.1. I've implemented Simple Registration Extension, but this is not yet as stable as the basic authentication functionality.
How to use Feide OpenID
In this early test-phase of Feide OpenID the URLs are temporary. That means if you start using this test-service you at some points need to update your OpenID references on your website.
The OpenID Provider URL is:
http://feide.erlang.no/openid2/examples/server/server.php
The OpenID Delegation URL should be:
https://openid.feide.no/andreas@uninett.no, where andreas@uninett.no is my Feide name. Replace it with your Feide name.
To make an OpenID from your blog/web site, in the main html file, in example index.php or index.html add the following two elements in your head section:
<link rel="openid.server" href="http://feide.erlang.no/openid2/examples/server/server.php" />
<link rel="openid.delegate" href="https://openid.feide.no/andreas@uninett.no" />
We also want to give Feide users that does not have their own webpage the possibility to use OpenID with Feide. To enable that we will offer predefined OpenID URLs for every Feide name. We cannot do this before we have setup SSL, a valid cert and stabilized the URLs. Probably we will end up with URLs like this: https://openid.feide.no/andreas@uninett.no. This URL will then present a small web page with the correct OpenID server and possibly delegate elements, making it valid OpenIDs bound to the corresponding Feide ID.
Another example
You need to replace your web site url and the Feide ID. Say your web site is on http://peter.mycoolblog.no and your Feide name is peter@uit.no Then your OpenID becomes exactly this URL. Next you need to edit the front page of http://peter.mycoolblog.no and add the following section in the head:
<link rel="openid.server" href="http://feide.erlang.no/openid2/examples/server/server.php" />
<link rel="openid.delegate" href="https://openid.feide.no/peter@uit.no" />
Where to use Feide OpenID
Here are some OpenID service providers that you can test with:
All these are tested to work with Feide. There are several more out there.
Sign on using Feide OpenID
I go to jyte.com
As http://erlang.no is setup as a an Feide OpenID as described earlier in this article, by clicking sign on, I am redirected to the normal Feide login screen (unless I have a valid SSO session):
After logging in and because this is the first time I use Feide OpenID with Jyte, I am asked whether I want to accept to authenticate towards this service. I can check remeber this option to not be asked again for this service.
I click confirm. And, weee... I am logged in to Jyte:
[...] Technology Preview:
[...] Technology Preview: Feide OpenID «All users that have a Feide ID, can now use their ID with OpenID service providers. ¶ Currently, the Feide OpenID interface is not official in the sense that we cannot guarantee anything. […]» (tags: feide uninett OpenID) [...]
July 18, 2007 12:11 PM
July 18, 2007 12:11 PM Earlier today I announced that we have a Feide OpenID test service. Now I added support for authenticating with OpenID when adding comments on this blog. [IMG] So, create a Feide OpenID as described earlier today, and then try to use it to add a comment to this blog entry :) Share This
[...] About Feide OpenID
[...] About Feide OpenID [...]
[...] hys.teria.no er lagt
[...] hys.teria.no er lagt til rette for OpenID - så nå kan man logge seg på tjenesten med f.eks. sitt Feide-navn - se informasjon omforsøkstjenesten til Uninett. [...]
[...] Ferietiden kan brukes
[...] Ferietiden kan brukes til å eksperimentere med nye tjenester. Det har Uninett og Feide tatt høyde for og lansert testtjenesten Feide OpenID (kanskje på oppfordring fra eStandard?). Vi har testet tjenesten og har ingen problemer med å logge oss på tjenester som har implementert OpenID ved hjelp av vårt FEIDE-brukernavn og -passord. Dermed er er den digititale hverdag, i hvert fall i teorien, blitt litt enklere å håndtere ut fra det brukernavn og passord som jeg benytter hver dag som ansatt ved en landets undervisningsinstitusjoner. [...]
[...] Try it at:
[...] Try it at: http://rnd.feide.no/2007/07/18/technology-preview-feide-openid/ [...]
Great initiative. I have
Great initiative. I have commented it on http://www.estandard.no/?q=node/97 (in Norwegian).
A question though: How easy is it to implement OpenID as a service provider. Let's say that you want to use OpenID in your mac.erlang.no wiki (based on Mediawiki, I presume?) - how do you do that?
Hi: I am the technical
Hi: I am the technical director for the PiP and SeatBelt projects here at Verisign. If the person responsible for this implementation could contact me I would greatly appreciate it.
gkrall - at - verisign dot com
Thanks!
Earlier today I announced
Earlier today I announced that we have a Feide OpenID test service. Now I added support for authenticating with OpenID when adding comments on this blog. [IMG] So, create a Feide OpenID as described earlier today, and then try to use it to add a comment to this blog entry :) Share This by Andreas Ã…kre Solberg at July 18, 2007 12:11 PM