Pages

OpenID

OpenID is an open, decentralized standard for user authentication and access control, allowing users to log on to different services with the same digital identity. OpenID replaces the common login process that uses a login-name and a password, by allowing a user to log in once and gain access to the resources of multiple software systems.
An OpenID is in the form of a unique URL, and is authenticated by the user’s ‘OpenID provider’ (that is, the entity hosting their OpenID URL).The OpenID protocol does not rely on a central authority to authenticate a user’s identity. Since neither the OpenID protocol nor Web sites requiring identification may mandate a specific type of authentication, non-standard forms of authentication can be used, such as smart cards, biometrics, or ordinary passwords.
OpenID authentication is used and provided by several large websites. Organizations like AOL, BBC,Google, IBM, Microsoft, MySpace, Orange, PayPal, VeriSign, Yandex, Ustream and Yahoo! act as providers.http://www.openid.org/
Why OpenID?
Remember one username and password, not 100.
openid-login

One login, many sites
An OpenID is a single username and password that lets you login to any OpenID-enabled site. OpenID makes remembering different usernames and passwords for different sites a thing of the past.


OpenID Federated Login Service for Google Apps
Google Apps offers an OpenID API that allows end users to securely sign in to third party web sites using their Google Apps user account. The OpenID standard frees users from having to set up separate login accounts for different web sites–and conversely, frees web site developers from the task of managing login information and security measures. OpenID achieves this goal by providing a framework in which users can establish an account with an

OpenID provider, such as a Google Apps hosted domain, and use that account to sign into any web site that accepts OpenIDs.
Google Apps API supports the OpenID 2.0 Directed Identity protocol, allowing any hosted domain to provide authentication support as an OpenID provider. On request from a third-party site, Google authenticates users who are signing in with an existing Google Apps account, and returns to the third-party site an identifier that the site can use to recognize the user. This identifier is consistent, enabling the third-party site to recognize the user across multiple sessions.


Functionality
You want to log in to a site. You type in your OpenID (which will be something like http://yourname.openidprovider.com), you will then be redirected to your OpenID provider, you log in on that site, and you are then redirected back to the website you were trying to log in to in the first place.
YES or NO for OpenID?
Yes, certainly. It’s a great idea, but the implementation is complicated at present. If you login the usual way, it is “login” and done. However, the OpenID way is “login – openID – login again – return to site” which is quite cumbersome. But for those who like the idea of a single login for all sites, this is a small issue.

OpenID Provider Server URL
LiveJournal
http://www.livejournal.com/openid/server.bml
Vox http://www.vox.com/services/openid/server
VeriSign https://pip.verisignlabs.com/server
MyOpenID http://www.myopenid.com/server
Platform
OpenID 2.0 runs a PHP implementation. OpenID is coded or build by PHP (ASP.NET, JAVA SCRIPT, etc..,).
If the user have the ability to run own server software, then it is easy to build secure open ID of his own.

Advantages
- Non-proprietary
- Decentralized
- You can choose/change your OpenID provider
- You can host your OpenID on your own domain too!
- Single login for many many sites.



More Here


Courtesy:http://pkashy.wordpress.com/2009/07/29/openid/

3 comments: