OpenID Connect Test Facility Preview Available

We’re happy to announce that today we’re making a technology preview of the OpenID Connect Test Facility publicly available.

Start right away to test your OpenID Connect Provider:

This is an early preview of a pretty complex set of software, so we’re asking you to be patient, and please report to us any issues. You can do that by posting to our github issue tracker or email me directly.

This test facility has been made possible by myself and Roland Hedberg, an effort as part of the GÉANT Identity Federation project in collaboration with the Kantara Initiative and the OpenID Community.

Here is a video demo of how it all works:

Where is OpenID Connect

I have learned that the OpenID Connect is NOT at openidconnect.org. Shiny CSS and credible domain name does not help – the spec is here:

Notice, the URLs that I got for the spec includes a version numbers, so they are likely to be broken soon as well 🙂

37signals on OpenID

We first jumped on the OpenID bandwagon back in 2007 when it was seen as a promising way to make logging into websites simpler. What we’ve learned over the past three years is that it didn’t actually make anything any simpler for the vast majority of our customers. Instead it just made things harder. Especially when people were having problems with the often flaky OpenID providers and couldn’t log into their account. OpenID has been a burden on support since the day it was launched.

We’ll be retiring our support of OpenID on May 1

Found through Daring Fireball.

SimpleSAMLphp version 1.6.0

simpleSAMLphp version 1.6 was made available earlier this summer. This release note was somewhat delayed here at rnd.feide.no, due to the fact that I was out of office.

Documentation is available at:

Changes include:

  • Support for HTTP-Artifact binding on both IdP and SP (thanks to Danny Bollaert, Shoaib Ali and Bill Young).
  • Better error reporting from single logout on the IdP- it will now respond with the correct error code to SPs.
  • OpenID 2.0 support.
  • Better support for specifying parameters in the SAML 2 authentication request.
  • Error page when the user accesses the IdP with cookies disabled.

Also, several bug fixes and other changes. See the changelog for more details:

If you are upgrading from a previous version of simpleSAMLphp, you should have a look at the upgrade notes, as they list changes that may break existing installations:

New OpenIdP Available

Feide OpenIdP is now live in a brand new version.

The source code is available as a module to SimpleSAMLphp (not part of the simpleSAMLphp distribution though).

The module is implemented by Thomas Graff, one of the members of the Feide team.

Feide OpenIdP allows self registration of users, self registration of SAML 2.0 SPs and supports OpenID.

Create custom links on the login page

We’ve added support for including custom links on the login page, without modifying the theme. This support is already enabled in the subversion version of simpleSAMLphp.

In authsources.php, you may add links by doing something like this:

    'core:loginpage_links' => array(
        array(
            'href' => SimpleSAML_Module::getModuleURL('openid/openidtest.php'),
            'text' => '{openid:dictopenid:openidtestpage}',
        ),
        array(
            'href' => 'http://uninett.no',
            'text' => array('en' => 'UNINETT Home page', 'no' => 'UNINETT sin hjemmeside'),
        ),
    )