Hi Prabath,

> OpenID Provider defines an attribute under the OpenID Attribute Exchange
> to contain a white list of a given user [http://axschema.org/whitelist].
>

Here, do we exchange the white list content or a pointer/URL to the white
list of the user?

> Flow
> ----
>
> 1. User registers himself with an OpenID Provider. [user gets an OpenID]
> 2. User logs into the OpenID Provider and populates his white list.
> 3. User visits RP web site and types his OpenID for login.
> 4. RP finds the given user is in its white list [initially the RP admin
> will populate its white list with a set of trusted users]
> 5. User will be redirected to the OpenID Provider for the authentication
> + request to his white list
> 6. At OpenID Provider user authenticates successfully and approves the
> request for the white list
> 7. User logs into the RP successfully and RP updates its white list
>

Do we need a mechanism to update the white lists of users periodically? Say
for example I didn't have OpenID of A in my white list when I was
registering to the RP, but added it later to my white list. This will not be
visible in RP's white list if we do not update it periodically.

thanks,
nandana
_______________________________________________
Identity-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
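
The RP side of the flow quoted in this thread, as an added Python sketch that is not part of the original message or of any WSO2 code. It assumes the white list travels as content, one OpenID per AX value, under the alias `wl`; `op_response`, `RelyingParty` and `signature_ok` are hypothetical names, and `return_to`, realm and signature fields are left out of the simplified messages.

```python
from urllib.parse import urlencode, parse_qs

AX_NS = "http://openid.net/srv/ax/1.0"
WHITELIST_TYPE = "http://axschema.org/whitelist"  # attribute URI from the thread

def op_response(claimed_id, user_whitelist):
    """Constructed OP reply (step 6); assumes one OpenID per AX value."""
    p = {"openid.mode": "id_res", "openid.claimed_id": claimed_id,
         "openid.ns.ax": AX_NS, "openid.ax.mode": "fetch_response",
         "openid.ax.type.wl": WHITELIST_TYPE,
         "openid.ax.count.wl": str(len(user_whitelist))}
    for i, oid in enumerate(user_whitelist, 1):
        p[f"openid.ax.value.wl.{i}"] = oid
    return urlencode(p)

class RelyingParty:
    def __init__(self, seed):
        self.whitelist = set(seed)  # step 4: list seeded by the RP admin

    def login_request(self, claimed_id):
        """Steps 3-5: whitelisted users are sent to the OP with an AX fetch."""
        if claimed_id not in self.whitelist:
            return None
        return urlencode({
            "openid.ns": "http://specs.openid.net/auth/2.0",
            "openid.mode": "checkid_setup",
            "openid.claimed_id": claimed_id, "openid.identity": claimed_id,
            "openid.ns.ax": AX_NS, "openid.ax.mode": "fetch_request",
            "openid.ax.type.wl": WHITELIST_TYPE,
            "openid.ax.if_available": "wl", "openid.ax.count.wl": "unlimited"})

    def handle_response(self, query, signature_ok):
        """Step 7: merge the user's list; returns the newly trusted OpenIDs.
        signature_ok stands in for real assertion verification (hypothetical)."""
        p = {k: v[0] for k, v in parse_qs(query).items()}
        if not signature_ok or p.get("openid.mode") != "id_res":
            return set()
        if p.get("openid.claimed_id") not in self.whitelist:
            return set()
        if p.get("openid.ax.type.wl") != WHITELIST_TYPE:
            return set()
        n = int(p.get("openid.ax.count.wl", "0"))
        values = {p[f"openid.ax.value.wl.{i}"] for i in range(1, n + 1)}
        added = values - self.whitelist
        self.whitelist |= values
        return added
```

In this sketch an OpenID added to a user's list at the OP reaches the RP only when that user next logs in, which is the staleness the reply above asks about.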
