-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 5/22/09 6:39 AM, Bernhard zwischenbrugger wrote: > Hi All > > I try to make a webchat with OpenID Login. > > OpenID is not difficult. > Using https://rpxnow.com/ for example makes it very simple. > Also a Jabber Login using "Strophe" or and other BOSH Lib is simple. > No Problem with that > > But combining this 2 things is not easy at all. > > If you have never seen openid, here is a simple login process: > http://lamp2.fhstp.ac.at/~lbz/beispiele/ss2009/openid/ > > ejabberd provides the "auth_method: external" and it should be possible > to login using openid.
That's SASL EXTERNAL. Typically it is used with a digital certificate presented during TLS negotiation. > The problem: > > 1.) I don't know how to make the login. I have to send the TOKEN to the > jabberserver, but I don't have a username or password. > 2.) If I don't have a username, the jabberserver can't create a useraccount > 3.) What to use as username? openid provides an "identifier" which seems > to be unique - but thats not a good username. > > Maybe you have an idea for some if this things. My idea is that if people want OpenID login, they would need to define a new SASL mechanism. Personally I don't trust OpenID, but other people might have enough trust in it to define and use such a SASL mechanism. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkol+XoACgkQNL8k5A2w/vwCKgCfUs8a/XmsTxHlv2ZXby2NOGn5 800AnRZpERPHEGg+Vf8VzyMN738TOSV9 =7Xlp -----END PGP SIGNATURE----- _______________________________________________ JDev mailing list Forum: http://www.jabberforum.org/forumdisplay.php?f=20 Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
