Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [openid]

OpenID is an open standard that allows users to be authenticated by co-operating sites

OpenID logo

OpenID is an open standard that allows users to identify themselves to websites by means of a URL which either points directly to an OpenID authenticator, or points to to a page which contains redirection details to such an authenticator. The original website can know with confidence that the user has authenticated themselves to the delegated site, but doesn't know any of the tokens that were used by the user to perform this authentication.

OpenID differs from or in that the user controls which authentication engine is used, and no information other than the success or failure of the authentication is passed to the calling website.

OpenID allows you to use an OpenID account to sign in to multiple websites, without needing to create new passwords / identities.

Website: http://openid.net

Wikipedia: http://en.wikipedia.org/wiki/Openid

50 questions
27
votes
8 answers

Is there a danger in fake OpenID providers?

I've been wondering. Since anybody can start an OpenID provider, and since there is no central authority that approves OpenID providers, why won't fake OpenID providers become a problem? For example, a spammer could start an OpenID provider with a…
amarillion
  • 1,409
  • 2
  • 16
  • 25
23
votes
24 answers

Is Open ID better than the usual LogIn system?

We are developing a web system and considering using the Open Id feature. Do you think it is any better than the usual way of loggin users in? If we use the Open Id feature that means the users will be redirected to the site of their choice of Open…
Sajal Dutta
  • 613
  • 5
  • 18
18
votes
6 answers

Is OpenID this easy to hack or am I missing something?

For those Relying Parties (RP) that allow the user to specify the OpenID Provider (OP), it seems to me than anyone that knows or guesses your OpenID could Enter their own OP address. Have it validate them as owning your OpenID. Access your account…
David
  • 181
  • 1
  • 3
9
votes
5 answers

Is open id secure?

Is open ID secure, for example can you use it to log into bank accounts?
Daniel
  • 3,741
  • 7
  • 32
  • 33
7
votes
4 answers

How do accept multiple authentication options in Apache?

I want to protect a path in my VirtualHost but allow users a variety of authentication options (e.g. mod-auth-cas, mod-auth-openid and mod-auth-digest.) How do I set up the virtual host definition to allow multiple auth-types for the same location?
James A. Rosen
  • 503
  • 3
  • 9
  • 19
5
votes
5 answers

Alleviating the Password Explosion Problem

Don't you just hate it when your password explodes, letting the magic smoke out of your server, and setting lp0 ablaze? In all seriousness, the number of places a person needs a username and password is increasing dramatically. It looks like OpenID…
Clinton Blackmore
  • 3,510
  • 6
  • 35
  • 61
4
votes
1 answer

How To Use Amazon Cognito As An SSO OpenID Identity Provider

We currently use Google as an OpenID identity provider to our web platform. We need to move away from it. I discovered Amazon Cognito (we already use EC2/S3 and the rest). I discovered the well_known here:…
jn1kk
  • 171
  • 2
  • 10
3
votes
1 answer

Intermittent OpenID Connect login error in ADFS 4.0

We have a Windows 2016 ADFS 4.0 farm (WID database, not SQL Server) hosted in Azure. We are working with a new OpenID Connect application, and want to use ADFS to authenticate and populate user profiles from AD. The application is using a shared…
RyanM
  • 41
  • 4
2
votes
1 answer

Keycloak x.509 certificate authentication

I'm trying to set up the following architecture but I'm struggling: Keycloak container with this image jboss/keycloak:7.0.0 Apache with mod_auth_openidc The apache has a protected directory Apache does an SSL client Authent I want to configure…
No name
  • 21
  • 1
  • 5
2
votes
0 answers

SAML/OpenID authentication on Docker/Core OS

I have a set of servers running Core OS/Docker/Docker Swarm. I have my users in a SAML/OpenID SSO server. I want these users to be able to run Docker containers on my Core OS cluster. How do I authenticate SAML/OpenID users into Docker/Docker Swarm?…
Konstantin Kladko
  • 31
  • 3
2
votes
0 answers

Do I need my own oauth and/or openid connect provider

Sorry .... I want to completely rephrase this question:, and I've asked the same question on Information Security now The system I'm working on will have a mobile application, a web portal and an HTTP-based API. The question that I cannot seem to…
Johan
  • 427
  • 1
  • 4
  • 14
2
votes
3 answers

How to configure simpleid to claim my ID?

I am trying to configure Apache as an OpenID provider using simpleid. I have followed the instructions to the letter till I got to the part about "Claim your identifier". Now, this is where I am stuck. Let's say my server is at http://example.com…
Umar Farooq Khawaja
  • 161
  • 7
2
votes
1 answer

Single Sign-on for Intranet WordPress using OpenID (or OAuth), IIS, Integrated Windows Authentication, Active Directory?

Is it possible to have single sign-on for intranet WordPress sites by using OpenID (or OAuth), IIS, Integrated Windows Authentication, Active Directory? I'd like to have Active Directory users automatically log in to non-IIS (LAMP) intranet sites…
user24932
  • 145
  • 7
2
votes
1 answer

PhpMyID and mobile browsers

I have PhpMyID running on my server. When I use my own provider to log in with any desktop browser, it works just fine. But when I try to log in with my handheld device which is running Android 2.2, it would not work. What stackexchange sites tell…
Roman Grazhdan
  • 334
  • 3
  • 15
2
votes
2 answers

OpenID server with PHP

We have an existing user database (in our SMF forum) and we want to setup an OpenID server so that our users can use their account to login also on other sites. The user database can be accessed via MySQL and we can only use PHP on that server. I…
Albert
  • 302
  • 1
  • 2
  • 12
1
2 3 4