English
资源说明:implementation of an OpenID 2.0 bridge to Wind, the Columbia University single-signon mechanism
INTRO ----- hacker: Schuyler Duveen, sky@columbia.edu sponsor: Columbia University Center for New Media Teaching and Learning This is an implementation of an OpenID 2.0 bridge to Wind, the Columbia University single-signon mechanism. Currently, it allows a Columbia affiliate to login with their UNI to website that supports OpenID (i.e. is a OpenID Relying Party). Alternatively, they can login anonymously. It requires OpenID PHP Library 2.13, available at: http://www.openidenabled.com/ and is based on the examples/server/ code in that library. That library is released under the the Apache License 2.0, and all original modifications here are released under the same license. One exception to this is the Columbia HTML template which remains unlicensed and copyrighted to Columbia University. QUESTIONS --------- 1. Currently the default 'nickname' is the Full Name. good? 2. What to put on identity pages 3. Anonymized identity allowed or too confusing? 4. Should we register/pay for a https certificate so the domain doesn't switch? TODO ---- 1. consider serving openid2.provider as http or https depending on the http_referrrer before doing this, confirm that it matters in some context. http->https should be fine. 2. nice identity pages: 1. links to directory info 2. how to use make columbia your OpenID delegate 3. better trust page text 1. Don't use opaque words like 'RP' 2. Trust this Site -> Login to Site _____ 4. styled home page 1. links to openid, and what is supported 2. Description of Openid 3. link to code? 5. audit anonymized friendlyID by someone smart (i.e. student-cvcvcDD from first 7 hex-digits of hmac) 6. More infrastructure if we are to allow users to permanently trust sites --we can at least do this in the browser with a perma-cookie
本源码包内暂不包含可直接显示的源代码文件,请下载源码包。
