Open ID’ing

I have being testing the creation and configuration of an specific account for OpenID in one of the profiles supported by sourceforge.net authentication list:

  • AOL http://openid.aol.com/screenname
  • Livejournal http://username.livejournal.com/
  • Blogger http://blogname.blogspot.com/
  • Yahoo https://me.yahoo.com/username

Having already some of this profiles ready to use, i decided to set up my identity via Google, as far as I am already using some of thir products quite often.

So at this point you can either log in Sourceforge with your personal account or register a new user based on a OpenID provider.

Suposing the second one, the registration sends a message to Blogger to ask for confirmation of the confidence on authentication with Sourceforge. Regarding registration forms, they may share information based on specific formats, I will try to take a look into this one day.

So once accepted, you can link your sourceforge.org id with the OpenID url provided, in order to use that url (in this case ltilve.blogspot.com) to log in, never mind the user_id you could register.

I guess that this algorithm is based on something similar to SSO behavior, prepared to filter ‘man-in-the-middle‘ vulnerabilities, but I will review this to have more information 🙂

  • http://openid.net/what/
  • http://alexandria.wiki.sourceforge.net/OpenID

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *

What is 10 + 4 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)