Re: [PHP] OpenId Provider
I don't know about LDAP but Zend openID provider can be a good choice http://framework.zend.com/manual/en/zend.openid.html On 10/28/11, Roy Kaldung wrote: > Hi, > > Can anybody recommend a good OpenId Provider? > I need one with LDAP integration if available. > > tia, > Roy > > -- > Roy Kaldung > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] OpenId Provider
Hi, Can anybody recommend a good OpenId Provider? I need one with LDAP integration if available. tia, Roy -- Roy Kaldung -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
There is a openID mailing list set up if anyone has any technical questions, gene...@openid.net -Nate On Fri, Feb 5, 2010 at 4:57 PM, haliphax wrote: > On Mon, Feb 1, 2010 at 9:54 PM, Michael A. Peters wrote: > > > Daevid Vincent wrote: > > > >> > >> > >>> -Original Message- > >>> From: Al [mailto:n...@ridersite.org] Sent: Monday, February 01, 2010 > >>> 12:09 PM > >>> To: php-general@lists.php.net > >>> Subject: [PHP] OpenID > >>> > >>> This is a bit off subject, but > >>> > >>> What is your opinion on OpenID? > >>> > >> > >> Failed gimick. Tried to resurface again about a year ago. Still seems > like > >> failure. > >> > > > > ++ > > > > Session ID hijacking is bad enough, it gives the malicious user access to > > one resource. > > > > OpenID hijacking gives the malicious user access to a ton of resources. > > And what does a user do when their OpenID provider disappears? > > > > > I think Michael hit the nail on the head as far as my concerns are.. well.. > concerned. :) Google's OpenID provider seems like it would be around > forever > and whatnot, but if you're going to rely on one of the "big" OpenID > providers, then it would appear that OpenID itself is useless. Facebook's > OpenID, etc., are on shaky ground at best. > > I use a few sites that leverage OpenID as their login process, and I've got > to say--it's very convenient. However, I only use my Google account for > OpenID logins, so to me, it's really just a Google connector. > > I commend everyone involved for their effort, but I think the underlying > principles need to be re-examined. It feels like they rushed the whole > concept into production before too many of the fundamental issues had been > discussed and dealt with. > > My 2c. > > > // Todd >
Re: [PHP] OpenID
On Mon, Feb 1, 2010 at 9:54 PM, Michael A. Peters wrote: > Daevid Vincent wrote: > >> >> >>> -Original Message- >>> From: Al [mailto:n...@ridersite.org] Sent: Monday, February 01, 2010 >>> 12:09 PM >>> To: php-general@lists.php.net >>> Subject: [PHP] OpenID >>> >>> This is a bit off subject, but >>> >>> What is your opinion on OpenID? >>> >> >> Failed gimick. Tried to resurface again about a year ago. Still seems like >> failure. >> > > ++ > > Session ID hijacking is bad enough, it gives the malicious user access to > one resource. > > OpenID hijacking gives the malicious user access to a ton of resources. > And what does a user do when their OpenID provider disappears? > > I think Michael hit the nail on the head as far as my concerns are.. well.. concerned. :) Google's OpenID provider seems like it would be around forever and whatnot, but if you're going to rely on one of the "big" OpenID providers, then it would appear that OpenID itself is useless. Facebook's OpenID, etc., are on shaky ground at best. I use a few sites that leverage OpenID as their login process, and I've got to say--it's very convenient. However, I only use my Google account for OpenID logins, so to me, it's really just a Google connector. I commend everyone involved for their effort, but I think the underlying principles need to be re-examined. It feels like they rushed the whole concept into production before too many of the fundamental issues had been discussed and dealt with. My 2c. // Todd
Re: [PHP] OpenID
Daevid Vincent wrote: -Original Message- From: Al [mailto:n...@ridersite.org] Sent: Monday, February 01, 2010 12:09 PM To: php-general@lists.php.net Subject: [PHP] OpenID This is a bit off subject, but What is your opinion on OpenID? Failed gimick. Tried to resurface again about a year ago. Still seems like failure. ++ Session ID hijacking is bad enough, it gives the malicious user access to one resource. OpenID hijacking gives the malicious user access to a ton of resources. And what does a user do when their OpenID provider disappears? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] OpenID
On Mon, 2010-02-01 at 18:38 -0800, Daevid Vincent wrote: > > > -Original Message- > > From: Al [mailto:n...@ridersite.org] > > Sent: Monday, February 01, 2010 12:09 PM > > To: php-general@lists.php.net > > Subject: [PHP] OpenID > > > > This is a bit off subject, but > > > > What is your opinion on OpenID? > > Failed gimick. > Tried to resurface again about a year ago. > Still seems like failure. > > http://electronicmuseum.org.uk/2008/07/16/openid-fail/ > http://thenextweb.com/2008/10/30/google-openid-fail/ > http://en.wikipedia.org/wiki/OpenID#Adoption > > > Are you using it? > > Uhm, no. > I've got more important things to worry about and implement. > > > Is it worth the trouble? > > I hear it's relatively simple to implement, but even then it's just another > hassle you have to test and work with forever (or eventually drop it as > some sites have). > > > What php code applic, or did you code your own? > > Pear has an alpha release OpenID, anyone try or using it? > > N/A > > It sounds great in theory, but I see it as a solution in search of a > problem. Sure everyone has a bajillion logins, but you know what, the > browser has solved that long ago by remembering my user/pass for each and > every site. Most sites also conveniently store a cookie hash so you don't > even have to login -- it just knows you if you use the same computer to > connect. > > There is an inherent distrust when you are re-directed somewhere -- I don't > even like to get redirected to PayPal from eBay, and they're the same > company! :) > > It's too "techy" for Jane Average and too cumbersome for Joe Savvy. > > YMMV. > > I see some popular sites are starting to use it as a login method. Sourceforge for example allows OpenID logins. Thanks, Ash http://www.ashleysheridan.co.uk
RE: [PHP] OpenID
> -Original Message- > From: Al [mailto:n...@ridersite.org] > Sent: Monday, February 01, 2010 12:09 PM > To: php-general@lists.php.net > Subject: [PHP] OpenID > > This is a bit off subject, but > > What is your opinion on OpenID? Failed gimick. Tried to resurface again about a year ago. Still seems like failure. http://electronicmuseum.org.uk/2008/07/16/openid-fail/ http://thenextweb.com/2008/10/30/google-openid-fail/ http://en.wikipedia.org/wiki/OpenID#Adoption > Are you using it? Uhm, no. I've got more important things to worry about and implement. > Is it worth the trouble? I hear it's relatively simple to implement, but even then it's just another hassle you have to test and work with forever (or eventually drop it as some sites have). > What php code applic, or did you code your own? > Pear has an alpha release OpenID, anyone try or using it? N/A It sounds great in theory, but I see it as a solution in search of a problem. Sure everyone has a bajillion logins, but you know what, the browser has solved that long ago by remembering my user/pass for each and every site. Most sites also conveniently store a cookie hash so you don't even have to login -- it just knows you if you use the same computer to connect. There is an inherent distrust when you are re-directed somewhere -- I don't even like to get redirected to PayPal from eBay, and they're the same company! :) It's too "techy" for Jane Average and too cumbersome for Joe Savvy. YMMV. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] OpenID
This is a bit off subject, but What is your opinion on OpenID? Are you using it? Is it worth the trouble? What php code applic, or did you code your own? Pear has an alpha release OpenID, anyone try or using it? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
Alex Chamberlain wrote: Hi, Has anybody had any success implementing an OpenID server in PHP?? Alex Third result on a search in Google using openid server php returned this page. http://wiki.openid.net/Run_your_own_identity_server -- Jim Lucas "Some men are born to greatness, some achieve greatness, and some have greatness thrust upon them." Twelfth Night, Act II, Scene V by William Shakespeare -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
On Fri, Jul 18, 2008 at 2:37 AM, Per Jessen <[EMAIL PROTECTED]> wrote: > Kevin Waterson wrote: > >> This one time, at band camp, "Alex Chamberlain" >> <[EMAIL PROTECTED]> wrote: >> >>> Has anybody had any success implementing an OpenID server in PHP?? >> >> Sure, I had mine all set up on oceania.net and then the domain got >> stolen. So, all my OpenID info went with it.. not as good an idea as >> it first seems. > > I'm curious, how does a domain "get stolen" ? > > > /Per Jessen, Zürich I saw a story where a guy had a XSS vuln on his site that allowed a malicious user to inject a backdoor forwarding filter on his gmail account. Then the malicious user used the guys gmail account to transfer his domain.
Re: [PHP] OpenID
This one time, at band camp, Per Jessen <[EMAIL PROTECTED]> wrote: > I'm curious, how does a domain "get stolen" ? This is a process I am now looking in to. The domain was registered via a reseller who I also had an email address with. The reseller had access to to both my domain registration details, and my email address. With both of these they were able to simply enact a transfer and intercept the mail agreeing to the deal. I now have documentary proof of this from the gandi and have contacted the Australian Police regarding the matter. I am also trying to get the domain back via icann and mediation, which has so far cost me over $1k. Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
Clamshell -- http://wiki.guruj.net/Clamshell!Home HTH On Fri, Jul 18, 2008 at 1:36 AM, Alex Chamberlain <[EMAIL PROTECTED]> wrote: > Hi, > > > > Has anybody had any success implementing an OpenID server in PHP?? > > > > Alex > > > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Bipin Upadhyay I'd love to change the world, but they won't gimme the source code. http://projectbee.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
Per Jessen wrote: Kevin Waterson wrote: This one time, at band camp, "Alex Chamberlain" <[EMAIL PROTECTED]> wrote: Has anybody had any success implementing an OpenID server in PHP?? Sure, I had mine all set up on oceania.net and then the domain got stolen. So, all my OpenID info went with it.. not as good an idea as it first seems. I'm curious, how does a domain "get stolen" ? /Per Jessen, Zürich Is it per accident that he mentioned 'oceania.net' while it's about an identification topic? The only thing I can relate Oceania to, is not such a funny story about knowing everything about people. -- Aschwin Wesselius /'What you would like to be done to you, do that to the other'/
RE: [PHP] OpenID
> This one time, at band camp, "Alex Chamberlain" > <[EMAIL PROTECTED]> wrote: > > > > Has anybody had any success implementing an OpenID server in PHP?? > > Sure, I had mine all set up on oceania.net and then the domain got > stolen. So, all my OpenID info went with it.. not as good an idea as > it first seems. > > > Kevin Other than the mystery of the stolen domain, what software did you run?? Did you write it yourself?? Alex No virus found in this outgoing message. Scanned by AVG Free 8.0 Checked by AVG - http://www.avg.com Version: 8.0.138 / Virus Database: 270.5.0/1557 - Release Date: 17/07/2008 05:36 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
On Friday 18 July 2008 08:37:14 Per Jessen wrote: > Kevin Waterson wrote: > > This one time, at band camp, "Alex Chamberlain" > > > > <[EMAIL PROTECTED]> wrote: > >> Has anybody had any success implementing an OpenID server in PHP?? > > > > Sure, I had mine all set up on oceania.net and then the domain got > > stolen. So, all my OpenID info went with it.. not as good an idea as > > it first seems. > > I'm curious, how does a domain "get stolen" ? he forgot to pay the bills ;) > > > /Per Jessen, Zürich -- --- Børge Holen http://www.arivene.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
Kevin Waterson wrote: > This one time, at band camp, "Alex Chamberlain" > <[EMAIL PROTECTED]> wrote: > >> Has anybody had any success implementing an OpenID server in PHP?? > > Sure, I had mine all set up on oceania.net and then the domain got > stolen. So, all my OpenID info went with it.. not as good an idea as > it first seems. I'm curious, how does a domain "get stolen" ? /Per Jessen, Zürich -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] OpenID
This one time, at band camp, "Alex Chamberlain" <[EMAIL PROTECTED]> wrote: > Has anybody had any success implementing an OpenID server in PHP?? Sure, I had mine all set up on oceania.net and then the domain got stolen. So, all my OpenID info went with it.. not as good an idea as it first seems. Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] OpenID
Hi, Has anybody had any success implementing an OpenID server in PHP?? Alex -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php