Chapter 1 OPEN ID NOTES

http://openid.net/specs/openid-authentication-2_0.html

OpenID provides a system by which a user can register with a site using the OpenID provider / relying party they prefer (like Google). OpenID is decentralized, so there is no central authority that decides which relying parties/providers may use OpenID.

Are Relying Party and OpenID Provider the same thing???

Relying Party: RP. A Web application that wants proof that the end user controls an Identifier.

OpenID Provider: OP. An OpenID Authentication server on which a Relying Party relies for an assertion that the end user controls an Identifier.

OP Endpoint URL: The URL which accepts OpenID Authentication protocol messages, obtained by performing discovery on the User-Supplied Identifier. This value MUST be an absolute HTTP or HTTPS URL.

OP Identifier: An Identifier for an OpenID Provider.

User-Supplied Identifier: An Identifier that was presented by the end user to the Relying Party, or selected by the user at the OpenID Provider. During the initiation phase of the protocol, an end user may enter either their own Identifier or an OP Identifier. If an OP Identifier is used, the OP may then assist the end user in selecting an Identifier to share with the Relying Party.

Protocol overview.... to be reviewed

Protocol messages are in plain text, in key-value format.

Direct communication: between relying party and OP. Messages sent via HTTP request must contain openid.ns (a particular URL, value: http://specs.openid.net/auth/2.0) and an openid.mode (without the mode it is not a valid request). It is the relying party that initiates the communication toward an OP endpoint URL, to establish an association (?) and verify authentication....(?) All direct requests are POST.

Indirect communication: with the user agent in the middle, for authentication requests and responses. It can be initiated by either side.

There are two methods: HTTP redirect and form submission.

Initiation: To initiate OpenID Authentication, the Relying Party SHOULD present the end user with a form that has a field for entering a User-Supplied Identifier. The form field's name attribute SHOULD have the value openid_identifier, so that User-Agents can automatically determine that this is an OpenID form. Browser extensions or other software that support OpenID Authentication may not detect a Relying Party's support if this attribute is not set appropriately.

XRDS: an XML document that is used for authentication with OpenID. For example, a website offering OpenID login can resolve a user's OpenID identifier to an XRDS document to discover the location of the user's OpenID service provider. (google)
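
The direct-request rules noted above (POST only, openid.ns and openid.mode required), written as the check an OP endpoint could run on an incoming request. This is an added example, not code from these notes or from the OpenID specification; the function name check_direct_request, the sample bodies, the form-urlencoded body and the duplicate-parameter check (a rule from the OpenID 2.0 spec, not from these notes) are assumptions of the example.

```python
from urllib.parse import parse_qsl, urlencode

OPENID2_NS = "http://specs.openid.net/auth/2.0"


def check_direct_request(method, body):
    """Validate a direct request as received by an OP endpoint.

    Assumes `body` is an application/x-www-form-urlencoded POST body.
    Returns (params, errors); an empty error list means the checks passed.
    """
    errors = []
    # All direct requests are POST.
    if method.upper() != "POST":
        errors.append("direct requests must be POST, got " + method)

    params = {}
    for key, value in parse_qsl(body, keep_blank_values=True):
        # Not in the notes: the OpenID 2.0 spec forbids repeated parameter
        # names. Rejecting them avoids first-wins/last-wins ambiguity.
        if key in params:
            errors.append("duplicate parameter: " + key)
        params[key] = value

    if params.get("openid.ns") != OPENID2_NS:
        errors.append("openid.ns missing or not the OpenID 2.0 namespace")
    if not params.get("openid.mode"):
        errors.append("openid.mode missing or empty: not a valid request")
    return params, errors


# Constructed sample bodies (not captured traffic).
VALID = urlencode({"openid.ns": OPENID2_NS, "openid.mode": "associate"})
NO_MODE = urlencode({"openid.ns": OPENID2_NS})
WRONG_NS = urlencode({"openid.ns": "http://example.com/ns", "openid.mode": "associate"})
DUPLICATE = VALID + "&openid.mode=check_authentication"

if __name__ == "__main__":
    for name, method, body in [("valid", "POST", VALID), ("get", "GET", VALID),
                               ("no mode", "POST", NO_MODE),
                               ("wrong ns", "POST", WRONG_NS),
                               ("duplicate", "POST", DUPLICATE)]:
        print(name, "->", check_direct_request(method, body)[1] or "ok")
```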
