[jdev] Jabber Login with OpenID
Peter Saint-Andre
stpeter at stpeter.im
Tue Jun 2 23:18:02 CDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 5/22/09 6:39 AM, Bernhard zwischenbrugger wrote:
> Hi All
>
> I try to make a webchat with OpenID Login.
>
> OpenID is not difficult.
> Using https://rpxnow.com/ for example makes it very simple.
> Also a Jabber Login using "Strophe" or and other BOSH Lib is simple.
> No Problem with that
>
> But combining this 2 things is not easy at all.
>
> If you have never seen openid, here is a simple login process:
> http://lamp2.fhstp.ac.at/~lbz/beispiele/ss2009/openid/
>
> ejabberd provides the "auth_method: external" and it should be possible
> to login using openid.
That's SASL EXTERNAL. Typically it is used with a digital certificate
presented during TLS negotiation.
> The problem:
>
> 1.) I don't know how to make the login. I have to send the TOKEN to the
> jabberserver, but I don't have a username or password.
> 2.) If I don't have a username, the jabberserver can't create a useraccount
> 3.) What to use as username? openid provides an "identifier" which seems
> to be unique - but thats not a good username.
>
> Maybe you have an idea for some if this things.
My idea is that if people want OpenID login, they would need to define a
new SASL mechanism. Personally I don't trust OpenID, but other people
might have enough trust in it to define and use such a SASL mechanism.
Peter
- --
Peter Saint-Andre
https://stpeter.im/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkol+XoACgkQNL8k5A2w/vwCKgCfUs8a/XmsTxHlv2ZXby2NOGn5
800AnRZpERPHEGg+Vf8VzyMN738TOSV9
=7Xlp
-----END PGP SIGNATURE-----
More information about the JDev
mailing list