Hi everyone (and especially Ray). Got your openid lib working, great job. Thanks! You are working on the weekend, I admire that!
I am trying to work out the process in which a user has an openid account on a 3rd party server, but they do not have an account for the openid client application. 1) User has openid account http://rhodebump.myopenid.com/ 2) User goes to openid client http://localhost/openidclient and this application (using your acegi filter) will direct them to the myopenid.com provider where they successfully login. 3) myopenid.com directs user back to http://localhost/openidclient but since the user is not provisioned in the openidclient, the UserDetailsService.loadUserByUsername will fail. My use case is that the user has an openid account, but still needs to complete some sort of registration process for the client application. I was wondering if you thought of this at all and if we should provide for this sort of case in the design/implementation of an openid provider. One thing that complicates the whole thing is the question that I think we would want the person to be authenticated with openid before they do this registration process. If they are authenticated using openid, we can "suck in" some of the openid attributes from their provider to ease the registration process. However, we can not login them in their current account state since they can not be retrieve from the UserDetailsService until they completed setup. It's sort of like there are 2 authentication states, the user can be authenticated remotely, and authenticated locally. Phillip ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer