As I have been spending all day investigating all the different ways of securing a Web API (oAuth mainly) and all kind of user authentications (WSSE, AuthSub, OpenID), I decided to try out OpenID (especially since Yahoo announced their support and that Google will soon join the party although if Yahoo get bought by MS, that might change things a bit, but I regress).
So I went to myopenid.com and signed up for one. I am now officially known as https://soothe.openid.com.
But then I realized I could actually use my own blog and delegate to myopenid.com. Following the instructions here, I could now use http://www.plutinosoft.com/blog/ as my OpenID !
Yeah cool but I still depend on http://www.myopenid.com and what if they go under. So instead I want to be my own OpenID provider! So I followed the instructions using Sam Ruby’s phpMyId and voila, my blog url can be used as an OpenID identifier for all websites supporting OpenID (including plaxo).
Here’s my setup:
1. Created a openid folder on my site (http://plutinosoft.com/openid/).
2. Downloaded phpMyID files into it
3. Renamed MyID.config.php to index.php
4. Renamed htaccess to .htaccess and commented out option 1 (since I am running my blog on dreamhost and php as cgi)
5. Followed the instructions in README to create password digest and edited index.php by modifying auth_username and auth_password
6. Edited the idp_url in index.php to be “http://www.plutinosoft.com/openid/”
7. Edited the header.php of my Wordpress theme and added the following link tags under the html head:
<link rel="openid.server" href="http://www.plutinosoft.com/openid/" />
<link rel="openid.delegate" href="http://www.plutinosoft.com/openid/" />
8. Went to plaxo and logged in using my OpenID “http://www.plutinosoft.com/blog/”
I love it when technology works (although it took me a few hours longer than I expected) ;-)
Update:
Instead of editing the wordpress header.php file, I went ahead and modified the index.html at the root of my site with
<link rel="openid.server" href="http://www.plutinosoft.com/openid/" />
<link rel="openid.delegate" href="http://www.plutinosoft.com/openid/" />
and now I can use http://www.plutinosoft.com to sign in as an OpenID. Yep!