SlideShare a Scribd company logo
1 of 69
Download to read offline
Implementing



               David Recordon                                  Brian Ellin
            drecordon@verisign.com                          brian@janrain.com


                                         Web 2.0 Expo
                                        April 15-18, 2007


More than just the two of us who are good resources, all about the community.
brief intro...and then
                    into the code


Realize not everyone is a developer, code won't scare you and will show just how easy OpenID
is
What is OpenID?
Single sign-on for the web
Simple and light-weight
(not going to replace your atm pin)

Easy to use and deploy
Open development process
Decentralized
(no single point of failure)

Free!
Proves You Control a URI




  www.davidrecordon.com                                      brianellin.com
- OpenID comes from the blogosphere
- Biggest problem with identity; namespace
- OpenID solves this by using DNS, codifying a web address like email has already done
- Your identity is a destination
- You have a unique end-point on the Internet
the common things we hear



before we dig into techy stu
Been there, done that
Been there, done that

  Great for
                 Centralized   Centralized
the enterprise
...but do you really trust them?



In the enterprise you have little choice, if you want to keep your job
You might choose to trust Six Apart, but then what if they are sold to someone you may not
trust?
As Simon Willison said at FOWA - Would you really trust these men with your identity?
With OpenID, you get to
           choose who manages
               your identity.
                      (you can even change your mind later)




including no one but yourself
This is a geek's toy,
nobody will ever have
    an OpenID!
~90 million OpenIDs
                             (including every AOL user)




                                                                          OpenID 1.1 - Estimated from various services

certainly all don’t know they have one, but can even build UI custom to services you know
provide them
Nobody will ever use this!
Total Relying Parties         (aka places you can use this stuff)




                                                                                                               IIW



                                                                                                                                  L
                                                                                                                             AO
                                                                                          y
                                                                                        nt




                                                                                                          s/
                                                                                   ou




                                                                                                                          
                                                                                                         st
                                                                                 /B




                                                                                                        ca



                                                                                                                       T
                                                                                                                    SF
                                                                                                     eb
              IIW




                                                      IIW




                                                                             ip




                                                                                                                 M
                                                                                                    W
                                                                            Sx
2,500

1,875

1,250

 625

   0
        '05

              ct

                    ov

                         ec

                               '06

                                        b

                                            ar


                                                  r

                                                       ay


                                                               e

                                                                       ly

                                                                             g

                                                                                    p

                                                                                          ct

                                                                                               ov

                                                                                                    ec

                                                                                                          '07

                                                                                                                    b

                                                                                                                            ar


                                                                                                                                         h
                                                 Ap




                                                                            Au
                                                               n
                                     Fe




                                                                                  Se




                                                                                                                 Fe




                                                                                                                                      7t
                                                                    Ju
              O




                                                                                         O
                                            M




                                                                                                                          M
                                                      M
                         D




                                                                                                    D
                    N




                                                            Ju




                                                                                               N




                                                                                                                                   r1
        p




                              Jan




                                                                                                         Jan
    Se




                                                                                                                                Ap
                                                                                                           OpenID 1.1 - As viewed by MyOpenID.com
So that's great there
are so many blogs, but
what about something
        real?
not just blogs, but also big open source projects
not just..., but also consumer services
not just..., but also large service providers and corporations
Reebok - first large non-tech company to launch and OpenID enabled site
not just blogs, but also big open source projects
not just..., but also consumer services
not just..., but also large service providers and corporations
Reebok - first large non-tech company to launch and OpenID enabled site
not just blogs, but also big open source projects
not just..., but also consumer services
not just..., but also large service providers and corporations
Reebok - first large non-tech company to launch and OpenID enabled site
not just blogs, but also big open source projects
not just..., but also consumer services
not just..., but also large service providers and corporations
Reebok - first large non-tech company to launch and OpenID enabled site
What's the big deal?
OpenID is another
                  important building
                       block.

Contact management sucks
 - which John Doe
 - outdated information
 - no open way to share contact info in a privacy protecting manner
Shared calendaring is hard
Social networks are non-interoperable silos
Why should we add
OpenID to our feature
        list?
Simon Willison - FOWA 02/07

-   Startup fatigue
-   Light-weight accounts
-   Site specific hacks (AOL, LJ, Doxory)
-   Less overhead
TechCrunch and other blogs link to dozens of new
       startups each week...readers aren't going to make new
       accounts for every single one




                                                      Simon Willison - FOWA 02/07

-   Startup fatigue
-   Light-weight accounts
-   Site specific hacks (AOL, LJ, Doxory)
-   Less overhead
TechCrunch and other blogs link to dozens of new
       startups each week...readers aren't going to make new
       accounts for every single one

       Creates ability to email a friend saying, I've added you
       as an author to the blog I setup for our band




                                                          Simon Willison - FOWA 02/07

-   Startup fatigue
-   Light-weight accounts
-   Site specific hacks (AOL, LJ, Doxory)
-   Less overhead
TechCrunch and other blogs link to dozens of new
       startups each week...readers aren't going to make new
       accounts for every single one

       Creates ability to email a friend saying, I've added you
       as an author to the blog I setup for our band

       Site specific hacks...Login with your AOL OpenID and
       we'll send you updates over AIM




                                                          Simon Willison - FOWA 02/07

-   Startup fatigue
-   Light-weight accounts
-   Site specific hacks (AOL, LJ, Doxory)
-   Less overhead
TechCrunch and other blogs link to dozens of new
       startups each week...readers aren't going to make new
       accounts for every single one

       Creates ability to email a friend saying, I've added you
       as an author to the blog I setup for our band

       Site specific hacks...Login with your AOL OpenID and
       we'll send you updates over AIM

       If you're not managing passwords, you don't need to
       build as complex user management systems

                                                          Simon Willison - FOWA 02/07

-   Startup fatigue
-   Light-weight accounts
-   Site specific hacks (AOL, LJ, Doxory)
-   Less overhead
How does it work?
    (protocol and flow)
Basic Terminology

                    OpenID Provider (OP) - Site that makes
                    assertions about an OpenID
                    Relying Party (RP) - Site that wants to
                    verify ownership of an OpenID




OP is often called server - myopenid.com, pip.verisignlabs.com,
claimid, vidoop
RP is often called a consumer - jyte, livejournal, ficlets, zooomr
O
                                             M
           E
                         Using OpenID


          D
FireFox, login to jyte.com using brian.myopenid.com
O
                                             M
           E
OpenID Enabling Your Own URL


          D
FireFox, delegating brianellin.com to brian.myopenid.com
O
           M
 E
Creating an OpenID with
    your own server


D
One file php script, configure, upload, and go!
* *************************************************************************** *
 * CONFIGURATION
 * *************************************************************************** *
 * You must change these values:
 *   auth_username = login name
 *   auth_password = md5(username:realm:password)
 *
 * Default username = 'test', password = 'test', realm = 'phpMyID'
 */

#$profile = array(
#    'auth_username'   =    'test',
#    'auth_password'   =    '37fa04faebe5249023ed1f6cc867329b'
#);

/*
 * Optional - Simple Registration Extension:
 *
 *   If you would like to add any of the following optional registration
 *   parameters to your login profile, simply uncomment the line, and enter the
 *   correct values.
 *
 *   Details on the exact allowed values for these paramters can be found at:
 *   http://openid.net/specs/openid-simple-registration-extension-1_0.html
 */

#$sreg = array (
#    'nickname'        =   'Joe',
#    'email'           =   'joe@example.com',
#    'fullname'        =   'Joe Example',
#    'dob'             =   '1970-10-31',
#    'gender'          =   'M',
#    'postcode'        =   '22000',
#    'country'         =   'US',
#    'language'        =   'en',
#    'timezone'        =   'America/New_York'
#);
Hash My Password
* *************************************************************************** *
 * CONFIGURATION
 * *************************************************************************** *
 * You must change these values:
 *   auth_username = login name
 *   auth_password = md5(username:realm:password)
 *
 * Default username = 'test', password = 'test', realm = 'phpMyID'
 */

$profile = array(
     'auth_username'   =    'david',
     'auth_password'   =    'e0fee9a99fa2fe004bbd70b972a03aa1'
);

/*
 * Optional - Simple Registration Extension:
 *
 *   If you would like to add any of the following optional registration
 *   parameters to your login profile, simply uncomment the line, and enter the
 *   correct values.
 *
 *   Details on the exact allowed values for these paramters can be found at:
 *   http://openid.net/specs/openid-simple-registration-extension-1_0.html
 */

#$sreg = array (
#    'nickname'        =   'Joe',
#    'email'           =   'joe@example.com',
#    'fullname'        =   'Joe Example',
#    'dob'             =   '1970-10-31',
#    'gender'          =   'M',
#    'postcode'        =   '22000',
#    'country'         =   'US',
#    'language'        =   'en',
#    'timezone'        =   'America/New_York'
#);
Configure Profile Data
$profile = array(
     'auth_username'   =    'david',
     'auth_password'   =    'e0fee9a99fa2fe004bbd70b972a03aa1'
);

/*
 * Optional - Simple Registration Extension:
 *
 *   If you would like to add any of the following optional registration
 *   parameters to your login profile, simply uncomment the line, and enter the
 *   correct values.
 *
 *   Details on the exact allowed values for these paramters can be found at:
 *   http://openid.net/specs/openid-simple-registration-extension-1_0.html
 */

$sreg = array (
     'nickname'        =   'daveman692',
     'email'           =   'recordond@gmail.com',
     'fullname'        =   'David Recordon',
     'dob'             =   '1986-09-04',
     'gender'          =   'M',
     'postcode'        =   '941458',
     'country'         =   'US',
     'language'        =   'en',
     'timezone'        =   'America/Los_Angeles'
);


while all personal info there, note I don't have to give it away every time
Upload
Configure Delegation
                           (source of www.davidrecordon.com)
html xmlns=http://www.w3.org/1999/xhtml
head
titleDavid Recordon/title
style
 div {
         text-align: center;
         color: #C0C0C0;
     }
 img {
         border: 0px;
     }
 a   {
         color: #C0C0C0;
     }
/style


link rel=openid.server href=http://www.davidrecordon.com/myid.php /
link rel=openid.delegate href=http://www.davidrecordon.com/myid.php /
/head
Done!
Time to configure and upload phpMyID:

            5 minutes
    http://siege.org/projects/phpMyID/
OpenID Enabling ExpoCal

                              O
                            M
  E
               http://cal.web2expo.com/

Existing users: Sign in and click the the add OpenID




 D
link at the top right

New users: Click login and sign in with your OpenID,
skipping the signup process :)
Tools Used

                     iCalicio by Kellan Elliot-McCrea and Evan
                     Henshaw-Plath
                      Ruby and Rails
                      gem install ruby-openid




license of we wrote it in four hours so don't laugh at us!
ExpoCal User Model
Stores login name and hashed password
We need to add an optional OpenID column

 1 class AddOpenId  ActiveRecord::Migration
 2   def self.up
 3     add_column :users, :openid, :string
 4     add_index :users, [:openid], :name = :users_openid_index
 5   end
 6
 7   def self.down
 8     remove_column :users, :openid
 9   end
10 end
Using the OpenID Library
          1 def consumer
          2   store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store')
          3   store = OpenID::FilesystemStore.new(store_dir)
          4   return OpenID::Consumer.new(session, store)
          5 end




            FilesystemStore saved OpenID transaction state
            OpenID::Consumer handles the protocol details



Store - RP specific state
Session - user specific state
Consumer - handles protocol details
Add OpenID UI

1 h2Or, login with OpenID/h2
2 %= start_form_tag(:controller='account', :action = 'openid_start') %
3   plabel for=openid_identifierOpenID/labelbr/
4   %= text_field_tag 'openid_identifier' %/p
5   %= submit_tag 'OpenID Login' %
6 %= end_form_tag %




 input name=openid_identifer /
Handle Login Form Submit
        1 def openid_start
        2   openid_request = consumer.begin(params[:openid_identifier])
        3
        4   case openid_request.status
        5   when OpenID::SUCCESS
        6     return_to = url_for(:action = 'openid_finish')
        7     trust_root = url_for(:controller = '')
        8     server_redirect_url = openid_request.redirect_url(trust_root, return_to)
        9     redirect_to(server_redirect_url)
       10
       11   when OpenID::FAILURE
       12     flash[:notice] = Could not find your OpenID server.
       13     redirect_back_or_default(:controller = '/account', :action = 'index')
       14
       15   end
       16 end


                                                     1. Discover
                                                     2.Associate
                                                     3. Redirect
             (we’ll handle the server response at the return_to URL)
Highlighted numbers:
2 - consumer.begin
6 - build return_to
7 - build trust_root
8 - use the openid_response object to build the server_redirect_url
9 - send redirect!
Redirect to OpenID Provider
Handle Server Response
            1 def openid_finish
            2   openid_response = consumer.complete(params)
            3
            4   case openid_response.status
            5   when OpenID::SUCCESS
            6     openid = openid_response.identity_url
            7     @user = User.find_by_openid(openid)
            8
            9     unless @user
           10       @user = User.create(:openid = openid, :login = openid)
           11     end
           12     self.current_user = @user
           13     flash[:notice] = Welcome #{@user.openid}
           14
           15   when OpenID::FAILURE
           16     flash[:notice] = 'Verification failed.'
           17   end
           18
           19   redirect_back_or_default(:controller = 'talk', :action = 'list')
           20 end




2 - consumer.complete(params)
7 - success - find user by openid
10 - create new user if needed
12 - log user in
Done!
           Time to implement OpenID in iCalico:

                                 45 minutes
                          http://cal.web2expo.com/




Not a perfect implementation (yet), but quite good. Check out Ma.gnolia.com for a really
great example of integration.
So this all looks great,
   but what are the
     downsides?
Kitten Overload!


                   More kittens!




                          Simon Willison - FOWA 02/07
Kitten Overload!



                   FAKE   More kittens!




                                 Simon Willison - FOWA 02/07
Kitten Overload!


                          Identity theft!
                   FAKE         :'(




                                  Simon Willison - FOWA 02/07
You could just remove passwords



One possible solution
Client Side Certs




Brian: certs use cryptography to prove your identity to a website
without sharing any secrets like username/password.
Microsoft CardSpace




                                         (UI for certs)
Still to be seen if CS will be adopted, currently only IE 7 in Vista and if user downloads for XP.
Vidoop




                              (changing the metaphor)
Removes the traditional password, very new technology (consumer launch here)
...but passwords are still
       widely used
VeriSign's OpenID Seatbelt
         (demoing today)
Helps with simplifying the end user experience around OpenID login flows.
Checks SSL certs to let you know if you're at the right place before you type your shared
secret (password)
Helps user experience by letting you know who you're logged in as and automatically filling
in your OpenID (note delegation)
Protects you by looking at what is happening to your browser, not perfect but better than
what exists today.
Smart users will combine warnings with login state indicator.
OpenID is great for innovation!
            (authentication method is up to the provider and user)




Jabber
Run your own on a hacked Linksys router looking at MAC address
Tokens
Kerberos

Best solution is to let users combine methods for how they're using OpenID
I don't want just one
          identity...I mean I don't
          want my boss to know
                I'm a furry!

or insert other example here
Well you don't wear your
          furry suit to work do you?


already solved in real life
So use multiple OpenIDs!
               (you already do this with email addresses today)




Solved problem, not a new one OpenID creates. Admit user education is important here.
Go code!
(and join the conversation at OpenID.net)
Thanks!
                        (and don't forget to grab a CD)




               David Recordon                       Brian Ellin
             drecordon@verisign.com              brian@janrain.com




IIW May 14-16 Mountain View CA

More Related Content

What's hot

20120820 conversion of historic newspapers to digital objects [boris yeltsin ...
20120820 conversion of historic newspapers to digital objects [boris yeltsin ...20120820 conversion of historic newspapers to digital objects [boris yeltsin ...
20120820 conversion of historic newspapers to digital objects [boris yeltsin ...Frederick Zarndt
 
Fringe eu procurement - sara piller
Fringe   eu procurement - sara pillerFringe   eu procurement - sara piller
Fringe eu procurement - sara pillerlgconf11
 
Domagoj Margetic
Domagoj MargeticDomagoj Margetic
Domagoj MargeticEmil Čić
 
6.09 Develop A Plan And Execute
6.09 Develop A Plan And Execute6.09 Develop A Plan And Execute
6.09 Develop A Plan And ExecuteRalphYoung
 
Airbnb tech talk: Levi Weintraub on webkit
Airbnb tech talk: Levi Weintraub on webkitAirbnb tech talk: Levi Weintraub on webkit
Airbnb tech talk: Levi Weintraub on webkitnaseemh
 
Egkekrimena sxedia comenius 2012
Egkekrimena sxedia comenius 2012Egkekrimena sxedia comenius 2012
Egkekrimena sxedia comenius 2012sfikasp
 
Zen and-the-art-of-build-script-maintenance-skillsmatter
Zen and-the-art-of-build-script-maintenance-skillsmatterZen and-the-art-of-build-script-maintenance-skillsmatter
Zen and-the-art-of-build-script-maintenance-skillsmatterSkills Matter
 
Practicing English
Practicing EnglishPracticing English
Practicing Englishguesteec4f8b
 
Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012
Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012
Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012CHISWICK ROOMS HOTEL
 
Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.
Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.
Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.CHISWICK ROOMS HOTEL
 
BTP case : SENSOA / All about sex
BTP case : SENSOA / All about sexBTP case : SENSOA / All about sex
BTP case : SENSOA / All about sexDominique Poncin
 
Q1 2009 Earning Report of Heidrick & Struggles Inc.
Q1 2009 Earning Report of Heidrick & Struggles Inc.Q1 2009 Earning Report of Heidrick & Struggles Inc.
Q1 2009 Earning Report of Heidrick & Struggles Inc.earningreport earningreport
 
Unit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc WeldingUnit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc Weldingmokhtar
 
Dan Hill - Creative City, Soft City
Dan Hill - Creative City, Soft CityDan Hill - Creative City, Soft City
Dan Hill - Creative City, Soft CityShane Mitchell
 
Transition Sporting Equipment Report(Web)
Transition Sporting Equipment Report(Web)Transition Sporting Equipment Report(Web)
Transition Sporting Equipment Report(Web)Locus Research
 

What's hot (20)

20120820 conversion of historic newspapers to digital objects [boris yeltsin ...
20120820 conversion of historic newspapers to digital objects [boris yeltsin ...20120820 conversion of historic newspapers to digital objects [boris yeltsin ...
20120820 conversion of historic newspapers to digital objects [boris yeltsin ...
 
Fringe eu procurement - sara piller
Fringe   eu procurement - sara pillerFringe   eu procurement - sara piller
Fringe eu procurement - sara piller
 
Domagoj Margetic
Domagoj MargeticDomagoj Margetic
Domagoj Margetic
 
6.09 Develop A Plan And Execute
6.09 Develop A Plan And Execute6.09 Develop A Plan And Execute
6.09 Develop A Plan And Execute
 
Airbnb tech talk: Levi Weintraub on webkit
Airbnb tech talk: Levi Weintraub on webkitAirbnb tech talk: Levi Weintraub on webkit
Airbnb tech talk: Levi Weintraub on webkit
 
Sales insitute of ireland november 2010
Sales insitute of ireland november 2010Sales insitute of ireland november 2010
Sales insitute of ireland november 2010
 
Pri of phs 9th
Pri of phs 9thPri of phs 9th
Pri of phs 9th
 
Egkekrimena sxedia comenius 2012
Egkekrimena sxedia comenius 2012Egkekrimena sxedia comenius 2012
Egkekrimena sxedia comenius 2012
 
Zen and-the-art-of-build-script-maintenance-skillsmatter
Zen and-the-art-of-build-script-maintenance-skillsmatterZen and-the-art-of-build-script-maintenance-skillsmatter
Zen and-the-art-of-build-script-maintenance-skillsmatter
 
Practicing English
Practicing EnglishPracticing English
Practicing English
 
Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012
Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012
Stay with CHISWICK ROOMS HOTEL and enjoy London happenings in dec 2012
 
Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.
Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.
Stay with chiswick rooms hotel and enjoy london happenings in dec 2012.
 
Plenary1 cap kees westrate port of rotterdam
Plenary1 cap kees westrate port of rotterdamPlenary1 cap kees westrate port of rotterdam
Plenary1 cap kees westrate port of rotterdam
 
BTP case : SENSOA / All about sex
BTP case : SENSOA / All about sexBTP case : SENSOA / All about sex
BTP case : SENSOA / All about sex
 
Mobile TV In Japan
Mobile TV In JapanMobile TV In Japan
Mobile TV In Japan
 
Q1 2009 Earning Report of Heidrick & Struggles Inc.
Q1 2009 Earning Report of Heidrick & Struggles Inc.Q1 2009 Earning Report of Heidrick & Struggles Inc.
Q1 2009 Earning Report of Heidrick & Struggles Inc.
 
Unit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc WeldingUnit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc Welding
 
Calendrier scolaire
Calendrier scolaireCalendrier scolaire
Calendrier scolaire
 
Dan Hill - Creative City, Soft City
Dan Hill - Creative City, Soft CityDan Hill - Creative City, Soft City
Dan Hill - Creative City, Soft City
 
Transition Sporting Equipment Report(Web)
Transition Sporting Equipment Report(Web)Transition Sporting Equipment Report(Web)
Transition Sporting Equipment Report(Web)
 

Viewers also liked

OpenID Bootcamp Tutorial
OpenID Bootcamp TutorialOpenID Bootcamp Tutorial
OpenID Bootcamp TutorialDavid Recordon
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by exampleChris Vertonghen
 
Mit 2014 introduction to open id connect and o-auth 2
Mit 2014   introduction to open id connect and o-auth 2Mit 2014   introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2Justin Richer
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersSalesforce Developers
 
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for MicroservicesOAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for MicroservicesTwobo Technologies
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservicesAlvaro Sanchez-Mariscal
 
Implications Of OpenID (Google Tech Talk)
Implications Of OpenID (Google Tech Talk)Implications Of OpenID (Google Tech Talk)
Implications Of OpenID (Google Tech Talk)Simon Willison
 
The Future of Influence - how the audience, content + media is changing how a...
The Future of Influence - how the audience, content + media is changing how a...The Future of Influence - how the audience, content + media is changing how a...
The Future of Influence - how the audience, content + media is changing how a...Tara Hunt
 

Viewers also liked (12)

Understanding OpenID
Understanding OpenIDUnderstanding OpenID
Understanding OpenID
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
 
OpenID Bootcamp Tutorial
OpenID Bootcamp TutorialOpenID Bootcamp Tutorial
OpenID Bootcamp Tutorial
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by example
 
OAuth 2.0 101
OAuth 2.0 101OAuth 2.0 101
OAuth 2.0 101
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
 
Mit 2014 introduction to open id connect and o-auth 2
Mit 2014   introduction to open id connect and o-auth 2Mit 2014   introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
 
OAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for MicroservicesOAuth and OpenID Connect for Microservices
OAuth and OpenID Connect for Microservices
 
Stateless authentication for microservices
Stateless authentication for microservicesStateless authentication for microservices
Stateless authentication for microservices
 
Implications Of OpenID (Google Tech Talk)
Implications Of OpenID (Google Tech Talk)Implications Of OpenID (Google Tech Talk)
Implications Of OpenID (Google Tech Talk)
 
The Future of Influence - how the audience, content + media is changing how a...
The Future of Influence - how the audience, content + media is changing how a...The Future of Influence - how the audience, content + media is changing how a...
The Future of Influence - how the audience, content + media is changing how a...
 

Similar to Implementing OpenID

Digital ID World 2007 - Understanding Openid
Digital ID World 2007 - Understanding OpenidDigital ID World 2007 - Understanding Openid
Digital ID World 2007 - Understanding OpenidDavid Recordon
 
Unit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc WeldingUnit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc Weldingguestb9b7f4
 
Unit1 Screw Thread
Unit1 Screw ThreadUnit1 Screw Thread
Unit1 Screw Threadguestb9b7f4
 
Unit1 Screw Thread
Unit1 Screw ThreadUnit1 Screw Thread
Unit1 Screw Threadmokhtar
 
rijkhof design package design samples
rijkhof design package design samplesrijkhof design package design samples
rijkhof design package design samplesRijkhof Design
 
Unit3 Gear
Unit3 GearUnit3 Gear
Unit3 Gearmokhtar
 
Unit2 Gear
Unit2 GearUnit2 Gear
Unit2 Gearmokhtar
 
EdSocialMedia Keynote
EdSocialMedia KeynoteEdSocialMedia Keynote
EdSocialMedia KeynoteWhippleHill
 
Unit5 Power Press Machine
Unit5 Power Press MachineUnit5 Power Press Machine
Unit5 Power Press Machineguestb9b7f4
 
Unit5 Power Press Machine
Unit5 Power Press MachineUnit5 Power Press Machine
Unit5 Power Press Machinemokhtar
 
Valuation of Enterprise Social Media
Valuation of Enterprise Social MediaValuation of Enterprise Social Media
Valuation of Enterprise Social MediaAimee Jacobs
 
Using Clickers For Instant Feedback Robin Brekke
Using Clickers For Instant Feedback Robin BrekkeUsing Clickers For Instant Feedback Robin Brekke
Using Clickers For Instant Feedback Robin BrekkeJohn Dorner
 
IBM Lotus Notes&Domino today
IBM Lotus Notes&Domino todayIBM Lotus Notes&Domino today
IBM Lotus Notes&Domino todayDiana Emely
 
Nov Dec Newsletter
Nov Dec NewsletterNov Dec Newsletter
Nov Dec Newsletterkf_glensky
 

Similar to Implementing OpenID (20)

Ed Burns @ FOWA 08
Ed Burns @ FOWA 08Ed Burns @ FOWA 08
Ed Burns @ FOWA 08
 
Digital ID World 2007 - Understanding Openid
Digital ID World 2007 - Understanding OpenidDigital ID World 2007 - Understanding Openid
Digital ID World 2007 - Understanding Openid
 
Unit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc WeldingUnit7 Shielded Gas Arc Welding
Unit7 Shielded Gas Arc Welding
 
Unit1 Screw Thread
Unit1 Screw ThreadUnit1 Screw Thread
Unit1 Screw Thread
 
Unit1 Screw Thread
Unit1 Screw ThreadUnit1 Screw Thread
Unit1 Screw Thread
 
rijkhof design package design samples
rijkhof design package design samplesrijkhof design package design samples
rijkhof design package design samples
 
Unit3 Gear
Unit3 GearUnit3 Gear
Unit3 Gear
 
Unit3 Gear
Unit3 GearUnit3 Gear
Unit3 Gear
 
Budget2009
Budget2009Budget2009
Budget2009
 
Unit2 Gear
Unit2 GearUnit2 Gear
Unit2 Gear
 
Unit2 Gear
Unit2 GearUnit2 Gear
Unit2 Gear
 
EdSocialMedia Keynote
EdSocialMedia KeynoteEdSocialMedia Keynote
EdSocialMedia Keynote
 
Unit5 Power Press Machine
Unit5 Power Press MachineUnit5 Power Press Machine
Unit5 Power Press Machine
 
Unit5 Power Press Machine
Unit5 Power Press MachineUnit5 Power Press Machine
Unit5 Power Press Machine
 
Valuation of Enterprise Social Media
Valuation of Enterprise Social MediaValuation of Enterprise Social Media
Valuation of Enterprise Social Media
 
Using Clickers For Instant Feedback Robin Brekke
Using Clickers For Instant Feedback Robin BrekkeUsing Clickers For Instant Feedback Robin Brekke
Using Clickers For Instant Feedback Robin Brekke
 
Aps104 m
Aps104 mAps104 m
Aps104 m
 
IBM Lotus Notes&Domino today
IBM Lotus Notes&Domino todayIBM Lotus Notes&Domino today
IBM Lotus Notes&Domino today
 
Nov Dec Newsletter
Nov Dec NewsletterNov Dec Newsletter
Nov Dec Newsletter
 
Q1 2009 Earning Report of Meadwestvaco Corp.
Q1 2009 Earning Report of Meadwestvaco Corp.Q1 2009 Earning Report of Meadwestvaco Corp.
Q1 2009 Earning Report of Meadwestvaco Corp.
 

More from Uri Levanon

How to Spread Ideas: Think Like an Entrepreneur, Not Like a Crusader
How to Spread Ideas: Think Like an Entrepreneur, Not Like a CrusaderHow to Spread Ideas: Think Like an Entrepreneur, Not Like a Crusader
How to Spread Ideas: Think Like an Entrepreneur, Not Like a CrusaderUri Levanon
 
When Did We Start Trusting Strangers? (Universal-McCann Research)
When Did We Start Trusting Strangers? (Universal-McCann Research)When Did We Start Trusting Strangers? (Universal-McCann Research)
When Did We Start Trusting Strangers? (Universal-McCann Research)Uri Levanon
 
Gmails Quota Secrets
Gmails Quota SecretsGmails Quota Secrets
Gmails Quota SecretsUri Levanon
 
25 Ways To Distinguish Yourself
25 Ways To Distinguish Yourself25 Ways To Distinguish Yourself
25 Ways To Distinguish YourselfUri Levanon
 
The Customer Evangelist Manifesto
The Customer Evangelist ManifestoThe Customer Evangelist Manifesto
The Customer Evangelist ManifestoUri Levanon
 
Case-based Sequential Ordering of Songs for Playlist Recommendation
Case-based Sequential Ordering of Songs for Playlist RecommendationCase-based Sequential Ordering of Songs for Playlist Recommendation
Case-based Sequential Ordering of Songs for Playlist RecommendationUri Levanon
 
One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...
One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...
One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...Uri Levanon
 
A Case-Based Song Scheduler for Group Customised Radio
A Case-Based Song Scheduler for Group Customised RadioA Case-Based Song Scheduler for Group Customised Radio
A Case-Based Song Scheduler for Group Customised RadioUri Levanon
 
Financial Fitness for Entrepreneurs
Financial Fitness for EntrepreneursFinancial Fitness for Entrepreneurs
Financial Fitness for EntrepreneursUri Levanon
 
Escape Adulthood
Escape AdulthoodEscape Adulthood
Escape AdulthoodUri Levanon
 
The Hughtrain - Hugh MacLeod
The Hughtrain - Hugh MacLeodThe Hughtrain - Hugh MacLeod
The Hughtrain - Hugh MacLeodUri Levanon
 
A Physics Of Ideas - Measuring the Physical Properties of Memes
A Physics Of Ideas - Measuring the Physical Properties of MemesA Physics Of Ideas - Measuring the Physical Properties of Memes
A Physics Of Ideas - Measuring the Physical Properties of MemesUri Levanon
 
The Power of The Marginal
The Power of The MarginalThe Power of The Marginal
The Power of The MarginalUri Levanon
 
Why Smart People Defense Bad Ideas?
Why Smart People Defense Bad Ideas?Why Smart People Defense Bad Ideas?
Why Smart People Defense Bad Ideas?Uri Levanon
 
Measuring Word of Mouth & Influence in the Blogosphere
Measuring Word of Mouth & Influence in the BlogosphereMeasuring Word of Mouth & Influence in the Blogosphere
Measuring Word of Mouth & Influence in the BlogosphereUri Levanon
 
Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...
Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...
Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...Uri Levanon
 
How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)
How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)
How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)Uri Levanon
 
How to Manage Smart People (a ChangeThis manifest)
How to Manage Smart People (a ChangeThis manifest)How to Manage Smart People (a ChangeThis manifest)
How to Manage Smart People (a ChangeThis manifest)Uri Levanon
 
What is Open Source Marketing? (a ChangeThis manifest)
What is Open Source Marketing? (a ChangeThis manifest)What is Open Source Marketing? (a ChangeThis manifest)
What is Open Source Marketing? (a ChangeThis manifest)Uri Levanon
 

More from Uri Levanon (20)

How to Spread Ideas: Think Like an Entrepreneur, Not Like a Crusader
How to Spread Ideas: Think Like an Entrepreneur, Not Like a CrusaderHow to Spread Ideas: Think Like an Entrepreneur, Not Like a Crusader
How to Spread Ideas: Think Like an Entrepreneur, Not Like a Crusader
 
When Did We Start Trusting Strangers? (Universal-McCann Research)
When Did We Start Trusting Strangers? (Universal-McCann Research)When Did We Start Trusting Strangers? (Universal-McCann Research)
When Did We Start Trusting Strangers? (Universal-McCann Research)
 
Gmails Quota Secrets
Gmails Quota SecretsGmails Quota Secrets
Gmails Quota Secrets
 
25 Ways To Distinguish Yourself
25 Ways To Distinguish Yourself25 Ways To Distinguish Yourself
25 Ways To Distinguish Yourself
 
The Customer Evangelist Manifesto
The Customer Evangelist ManifestoThe Customer Evangelist Manifesto
The Customer Evangelist Manifesto
 
Case-based Sequential Ordering of Songs for Playlist Recommendation
Case-based Sequential Ordering of Songs for Playlist RecommendationCase-based Sequential Ordering of Songs for Playlist Recommendation
Case-based Sequential Ordering of Songs for Playlist Recommendation
 
One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...
One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...
One Music, Many Listeners - A Case-based Song Scheduler for Group Customised ...
 
A Case-Based Song Scheduler for Group Customised Radio
A Case-Based Song Scheduler for Group Customised RadioA Case-Based Song Scheduler for Group Customised Radio
A Case-Based Song Scheduler for Group Customised Radio
 
Financial Fitness for Entrepreneurs
Financial Fitness for EntrepreneursFinancial Fitness for Entrepreneurs
Financial Fitness for Entrepreneurs
 
Do Less
Do LessDo Less
Do Less
 
Escape Adulthood
Escape AdulthoodEscape Adulthood
Escape Adulthood
 
The Hughtrain - Hugh MacLeod
The Hughtrain - Hugh MacLeodThe Hughtrain - Hugh MacLeod
The Hughtrain - Hugh MacLeod
 
A Physics Of Ideas - Measuring the Physical Properties of Memes
A Physics Of Ideas - Measuring the Physical Properties of MemesA Physics Of Ideas - Measuring the Physical Properties of Memes
A Physics Of Ideas - Measuring the Physical Properties of Memes
 
The Power of The Marginal
The Power of The MarginalThe Power of The Marginal
The Power of The Marginal
 
Why Smart People Defense Bad Ideas?
Why Smart People Defense Bad Ideas?Why Smart People Defense Bad Ideas?
Why Smart People Defense Bad Ideas?
 
Measuring Word of Mouth & Influence in the Blogosphere
Measuring Word of Mouth & Influence in the BlogosphereMeasuring Word of Mouth & Influence in the Blogosphere
Measuring Word of Mouth & Influence in the Blogosphere
 
Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...
Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...
Guerrilla Marketing - Over 90 Field-Tested Tactics to Get Your Business Into ...
 
How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)
How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)
How To Be Creative, By Hugh MacLeod (a ChangeThis manifest)
 
How to Manage Smart People (a ChangeThis manifest)
How to Manage Smart People (a ChangeThis manifest)How to Manage Smart People (a ChangeThis manifest)
How to Manage Smart People (a ChangeThis manifest)
 
What is Open Source Marketing? (a ChangeThis manifest)
What is Open Source Marketing? (a ChangeThis manifest)What is Open Source Marketing? (a ChangeThis manifest)
What is Open Source Marketing? (a ChangeThis manifest)
 

Recently uploaded

IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 

Recently uploaded (20)

IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 

Implementing OpenID

  • 1. Implementing David Recordon Brian Ellin drecordon@verisign.com brian@janrain.com Web 2.0 Expo April 15-18, 2007 More than just the two of us who are good resources, all about the community.
  • 2. brief intro...and then into the code Realize not everyone is a developer, code won't scare you and will show just how easy OpenID is
  • 3. What is OpenID? Single sign-on for the web Simple and light-weight (not going to replace your atm pin) Easy to use and deploy Open development process Decentralized (no single point of failure) Free!
  • 4. Proves You Control a URI www.davidrecordon.com brianellin.com - OpenID comes from the blogosphere - Biggest problem with identity; namespace - OpenID solves this by using DNS, codifying a web address like email has already done - Your identity is a destination - You have a unique end-point on the Internet
  • 5. the common things we hear before we dig into techy stu
  • 7. Been there, done that Great for Centralized Centralized the enterprise
  • 8. ...but do you really trust them? In the enterprise you have little choice, if you want to keep your job You might choose to trust Six Apart, but then what if they are sold to someone you may not trust?
  • 9. As Simon Willison said at FOWA - Would you really trust these men with your identity?
  • 10. With OpenID, you get to choose who manages your identity. (you can even change your mind later) including no one but yourself
  • 11. This is a geek's toy, nobody will ever have an OpenID!
  • 12. ~90 million OpenIDs (including every AOL user) OpenID 1.1 - Estimated from various services certainly all don’t know they have one, but can even build UI custom to services you know provide them
  • 13. Nobody will ever use this!
  • 14. Total Relying Parties (aka places you can use this stuff) IIW L AO y nt s/ ou st /B ca T SF eb IIW IIW ip M W Sx 2,500 1,875 1,250 625 0 '05 ct ov ec '06 b ar r ay e ly g p ct ov ec '07 b ar h Ap Au n Fe Se Fe 7t Ju O O M M M D D N Ju N r1 p Jan Jan Se Ap OpenID 1.1 - As viewed by MyOpenID.com
  • 15. So that's great there are so many blogs, but what about something real?
  • 16. not just blogs, but also big open source projects not just..., but also consumer services not just..., but also large service providers and corporations Reebok - first large non-tech company to launch and OpenID enabled site
  • 17. not just blogs, but also big open source projects not just..., but also consumer services not just..., but also large service providers and corporations Reebok - first large non-tech company to launch and OpenID enabled site
  • 18. not just blogs, but also big open source projects not just..., but also consumer services not just..., but also large service providers and corporations Reebok - first large non-tech company to launch and OpenID enabled site
  • 19. not just blogs, but also big open source projects not just..., but also consumer services not just..., but also large service providers and corporations Reebok - first large non-tech company to launch and OpenID enabled site
  • 21. OpenID is another important building block. Contact management sucks - which John Doe - outdated information - no open way to share contact info in a privacy protecting manner Shared calendaring is hard Social networks are non-interoperable silos
  • 22. Why should we add OpenID to our feature list?
  • 23. Simon Willison - FOWA 02/07 - Startup fatigue - Light-weight accounts - Site specific hacks (AOL, LJ, Doxory) - Less overhead
  • 24. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Simon Willison - FOWA 02/07 - Startup fatigue - Light-weight accounts - Site specific hacks (AOL, LJ, Doxory) - Less overhead
  • 25. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Creates ability to email a friend saying, I've added you as an author to the blog I setup for our band Simon Willison - FOWA 02/07 - Startup fatigue - Light-weight accounts - Site specific hacks (AOL, LJ, Doxory) - Less overhead
  • 26. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Creates ability to email a friend saying, I've added you as an author to the blog I setup for our band Site specific hacks...Login with your AOL OpenID and we'll send you updates over AIM Simon Willison - FOWA 02/07 - Startup fatigue - Light-weight accounts - Site specific hacks (AOL, LJ, Doxory) - Less overhead
  • 27. TechCrunch and other blogs link to dozens of new startups each week...readers aren't going to make new accounts for every single one Creates ability to email a friend saying, I've added you as an author to the blog I setup for our band Site specific hacks...Login with your AOL OpenID and we'll send you updates over AIM If you're not managing passwords, you don't need to build as complex user management systems Simon Willison - FOWA 02/07 - Startup fatigue - Light-weight accounts - Site specific hacks (AOL, LJ, Doxory) - Less overhead
  • 28. How does it work? (protocol and flow)
  • 29. Basic Terminology OpenID Provider (OP) - Site that makes assertions about an OpenID Relying Party (RP) - Site that wants to verify ownership of an OpenID OP is often called server - myopenid.com, pip.verisignlabs.com, claimid, vidoop RP is often called a consumer - jyte, livejournal, ficlets, zooomr
  • 30. O M E Using OpenID D FireFox, login to jyte.com using brian.myopenid.com
  • 31. O M E OpenID Enabling Your Own URL D FireFox, delegating brianellin.com to brian.myopenid.com
  • 32. O M E Creating an OpenID with your own server D
  • 33. One file php script, configure, upload, and go!
  • 34. * *************************************************************************** * * CONFIGURATION * *************************************************************************** * * You must change these values: * auth_username = login name * auth_password = md5(username:realm:password) * * Default username = 'test', password = 'test', realm = 'phpMyID' */ #$profile = array( # 'auth_username' = 'test', # 'auth_password' = '37fa04faebe5249023ed1f6cc867329b' #); /* * Optional - Simple Registration Extension: * * If you would like to add any of the following optional registration * parameters to your login profile, simply uncomment the line, and enter the * correct values. * * Details on the exact allowed values for these paramters can be found at: * http://openid.net/specs/openid-simple-registration-extension-1_0.html */ #$sreg = array ( # 'nickname' = 'Joe', # 'email' = 'joe@example.com', # 'fullname' = 'Joe Example', # 'dob' = '1970-10-31', # 'gender' = 'M', # 'postcode' = '22000', # 'country' = 'US', # 'language' = 'en', # 'timezone' = 'America/New_York' #);
  • 36. * *************************************************************************** * * CONFIGURATION * *************************************************************************** * * You must change these values: * auth_username = login name * auth_password = md5(username:realm:password) * * Default username = 'test', password = 'test', realm = 'phpMyID' */ $profile = array( 'auth_username' = 'david', 'auth_password' = 'e0fee9a99fa2fe004bbd70b972a03aa1' ); /* * Optional - Simple Registration Extension: * * If you would like to add any of the following optional registration * parameters to your login profile, simply uncomment the line, and enter the * correct values. * * Details on the exact allowed values for these paramters can be found at: * http://openid.net/specs/openid-simple-registration-extension-1_0.html */ #$sreg = array ( # 'nickname' = 'Joe', # 'email' = 'joe@example.com', # 'fullname' = 'Joe Example', # 'dob' = '1970-10-31', # 'gender' = 'M', # 'postcode' = '22000', # 'country' = 'US', # 'language' = 'en', # 'timezone' = 'America/New_York' #);
  • 37. Configure Profile Data $profile = array( 'auth_username' = 'david', 'auth_password' = 'e0fee9a99fa2fe004bbd70b972a03aa1' ); /* * Optional - Simple Registration Extension: * * If you would like to add any of the following optional registration * parameters to your login profile, simply uncomment the line, and enter the * correct values. * * Details on the exact allowed values for these paramters can be found at: * http://openid.net/specs/openid-simple-registration-extension-1_0.html */ $sreg = array ( 'nickname' = 'daveman692', 'email' = 'recordond@gmail.com', 'fullname' = 'David Recordon', 'dob' = '1986-09-04', 'gender' = 'M', 'postcode' = '941458', 'country' = 'US', 'language' = 'en', 'timezone' = 'America/Los_Angeles' ); while all personal info there, note I don't have to give it away every time
  • 39. Configure Delegation (source of www.davidrecordon.com) html xmlns=http://www.w3.org/1999/xhtml head titleDavid Recordon/title style div { text-align: center; color: #C0C0C0; } img { border: 0px; } a { color: #C0C0C0; } /style link rel=openid.server href=http://www.davidrecordon.com/myid.php / link rel=openid.delegate href=http://www.davidrecordon.com/myid.php / /head
  • 40. Done! Time to configure and upload phpMyID: 5 minutes http://siege.org/projects/phpMyID/
  • 41. OpenID Enabling ExpoCal O M E http://cal.web2expo.com/ Existing users: Sign in and click the the add OpenID D link at the top right New users: Click login and sign in with your OpenID, skipping the signup process :)
  • 42. Tools Used iCalicio by Kellan Elliot-McCrea and Evan Henshaw-Plath Ruby and Rails gem install ruby-openid license of we wrote it in four hours so don't laugh at us!
  • 43. ExpoCal User Model Stores login name and hashed password We need to add an optional OpenID column 1 class AddOpenId ActiveRecord::Migration 2 def self.up 3 add_column :users, :openid, :string 4 add_index :users, [:openid], :name = :users_openid_index 5 end 6 7 def self.down 8 remove_column :users, :openid 9 end 10 end
  • 44. Using the OpenID Library 1 def consumer 2 store_dir = Pathname.new(RAILS_ROOT).join('db').join('openid-store') 3 store = OpenID::FilesystemStore.new(store_dir) 4 return OpenID::Consumer.new(session, store) 5 end FilesystemStore saved OpenID transaction state OpenID::Consumer handles the protocol details Store - RP specific state Session - user specific state Consumer - handles protocol details
  • 45. Add OpenID UI 1 h2Or, login with OpenID/h2 2 %= start_form_tag(:controller='account', :action = 'openid_start') % 3 plabel for=openid_identifierOpenID/labelbr/ 4 %= text_field_tag 'openid_identifier' %/p 5 %= submit_tag 'OpenID Login' % 6 %= end_form_tag % input name=openid_identifer /
  • 46. Handle Login Form Submit 1 def openid_start 2 openid_request = consumer.begin(params[:openid_identifier]) 3 4 case openid_request.status 5 when OpenID::SUCCESS 6 return_to = url_for(:action = 'openid_finish') 7 trust_root = url_for(:controller = '') 8 server_redirect_url = openid_request.redirect_url(trust_root, return_to) 9 redirect_to(server_redirect_url) 10 11 when OpenID::FAILURE 12 flash[:notice] = Could not find your OpenID server. 13 redirect_back_or_default(:controller = '/account', :action = 'index') 14 15 end 16 end 1. Discover 2.Associate 3. Redirect (we’ll handle the server response at the return_to URL) Highlighted numbers: 2 - consumer.begin 6 - build return_to 7 - build trust_root 8 - use the openid_response object to build the server_redirect_url 9 - send redirect!
  • 48. Handle Server Response 1 def openid_finish 2 openid_response = consumer.complete(params) 3 4 case openid_response.status 5 when OpenID::SUCCESS 6 openid = openid_response.identity_url 7 @user = User.find_by_openid(openid) 8 9 unless @user 10 @user = User.create(:openid = openid, :login = openid) 11 end 12 self.current_user = @user 13 flash[:notice] = Welcome #{@user.openid} 14 15 when OpenID::FAILURE 16 flash[:notice] = 'Verification failed.' 17 end 18 19 redirect_back_or_default(:controller = 'talk', :action = 'list') 20 end 2 - consumer.complete(params) 7 - success - find user by openid 10 - create new user if needed 12 - log user in
  • 49. Done! Time to implement OpenID in iCalico: 45 minutes http://cal.web2expo.com/ Not a perfect implementation (yet), but quite good. Check out Ma.gnolia.com for a really great example of integration.
  • 50. So this all looks great, but what are the downsides?
  • 51. Kitten Overload! More kittens! Simon Willison - FOWA 02/07
  • 52. Kitten Overload! FAKE More kittens! Simon Willison - FOWA 02/07
  • 53. Kitten Overload! Identity theft! FAKE :'( Simon Willison - FOWA 02/07
  • 54. You could just remove passwords One possible solution
  • 55. Client Side Certs Brian: certs use cryptography to prove your identity to a website without sharing any secrets like username/password.
  • 56. Microsoft CardSpace (UI for certs) Still to be seen if CS will be adopted, currently only IE 7 in Vista and if user downloads for XP.
  • 57. Vidoop (changing the metaphor) Removes the traditional password, very new technology (consumer launch here)
  • 58. ...but passwords are still widely used
  • 59. VeriSign's OpenID Seatbelt (demoing today)
  • 60. Helps with simplifying the end user experience around OpenID login flows.
  • 61. Checks SSL certs to let you know if you're at the right place before you type your shared secret (password)
  • 62. Helps user experience by letting you know who you're logged in as and automatically filling in your OpenID (note delegation)
  • 63. Protects you by looking at what is happening to your browser, not perfect but better than what exists today. Smart users will combine warnings with login state indicator.
  • 64. OpenID is great for innovation! (authentication method is up to the provider and user) Jabber Run your own on a hacked Linksys router looking at MAC address Tokens Kerberos Best solution is to let users combine methods for how they're using OpenID
  • 65. I don't want just one identity...I mean I don't want my boss to know I'm a furry! or insert other example here
  • 66. Well you don't wear your furry suit to work do you? already solved in real life
  • 67. So use multiple OpenIDs! (you already do this with email addresses today) Solved problem, not a new one OpenID creates. Admit user education is important here.
  • 68. Go code! (and join the conversation at OpenID.net)
  • 69. Thanks! (and don't forget to grab a CD) David Recordon Brian Ellin drecordon@verisign.com brian@janrain.com IIW May 14-16 Mountain View CA