Shade,
The openid-test page is pretty old, from what I heard from Janrain a few
months ago.  Can you verify whether this behavior holds true on their recent
demo RPs such as
http://openidenabled.com/ruby-openid/trunk/examples/consumer ?

If so, please file a bug with them.  The relevant section of the spec is
OpenID 2.0 section 7.2 bullet 3.
--
Andrew Arnott
"I [may] not agree with what you have to say, but I'll defend to the death
your right to say it." - Voltaire


On Sat, Apr 25, 2009 at 9:44 PM, SitG Admin <sysad...@shadowsinthegarden.com
> wrote:

>  I believe the spec says that if the user were to enter a fragment, the RP
>> should trim it off before sending the auth request to the OP.
>>
>
> I tried it here:
> http://openidenabled.com/resources/openid-test/diagnose-server/
> The output began with
> Checking http://shadowsinthegarden.com/#generation...
> Fetching http://shadowsinthegarden.com/#generation
>
> I just checked Pibb, too; it recognized me. I ran the openidenabled.comtests 
> again, this time checking Apache's access.log and comparing to what
> Pibb sent me there with; Pibb looked for my OpenID headers at '/', but
> openidenabled.com specifically requested '/#generation':
>
> Identity authenticated as http://shadowsinthegarden.com/#generation
>
> I'm currently using the openidenabled.com library; I can work around that
> behavior for now, but will just make it a cheap kludge until I know whether
> a future version will have a better (integrated) solution.
>
> -Shade
>
_______________________________________________
specs mailing list
specs@openid.net
http://openid.net/mailman/listinfo/specs

Reply via email to