Can somebody clarify couple of questions?
Sam Alexander
sam.alexander at vidoop.com
Mon Mar 12 08:36:37 PST 2007
Are you implementing sessions? It sounds like OpenID correctly
identifies the user, but then its up to your relying site to start a
"session" with that user to maintain their "authenticated" status for
each of the pages that you have.
Unless you have a specific reason to require another OpenID request, it
is up to your site to remember that the user is "authenticated" while
they browse your pages. If that is the problem, I would take some time
to research PHP sessions.
> I want to integrate OpenID into my PHP script.
>
> I'm using Simple OpenID library, because I could not get JanRain's
> library to work. Too big and not much documented. So, what I can do
> now is make an URL for redirection to verification server, and when
> user allows authentication and returns back to my site, I'm doing
> 'check_authentication' with absolutely all parameters same, as I just
> received from server. And it goes okay, I mean it returns valid. Then,
> for example, user is browsing thru my pages and I need to check for
> authentication one more time. I'm doing this again with the same
> parameters, but it return false.
>
> What is wrong in my logic? I've read all specs lots of times already,
> but cannot find an answer.
>
> _______________________________________________
> Dev mailing list
> Dev at lists.openidenabled.com
> http://lists.openidenabled.com/mailman/listinfo/dev
>
>
More information about the Dev
mailing list