Hi,
I am in the process of implementing verification of assertions. Based
upon reading the various sections of the specification, I can see how we
could could persist some of the information such as returnToURL and the
discovery information in some persistent store (such as session). However,
I am not able to figure out how we could implement this type of support
without persisting the information.
Is there a way to leverage a callback to the OP after the authentication
request is returned to the Relying Party that could retrieve this
information and perform the verfication without persisting this
information?
Thank you
Todd Kaplinger
Project Zero Architecture and Development
http://www.projectzero.org
_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs