| Finally, OpenID made simple! |
[eluser]itibook[/eluser]
Hi, RPX will send a token to the rpx/verify url and your controller will check that and from there you can then authenticate the user into your application. you need to think of this as a second authentication method. So it follows the same principle, the only difference is that the user info comes into the rpx/verify (or whatever you want to call it) and you take it from there... if "authentication" doesn't sound familiar have a look around for some tutorials about basic authentication with codeigniter. ciao Luca I had done something like this in the controller. Take this just as a sample... far from being something usable... I was just trying out and I am still learning. Code: if($token = $this->input->post('token'))
[eluser]BrianDHall[/eluser]
Wow, this seems really cool. I hope to get a chance soon to check into it further and perhaps integrate it into two existing projects at least.
[eluser]ChazUK[/eluser]
Wow, I must be really dumb. So I still have to put in all the login ui code myself? I thought that this would auto generate it.
[eluser]itibook[/eluser]
have a look at the RPX site, maybe it's not really clear for you how it all works... RPX does the authentication for people who want to login using their openid account (be it Facebook, Google, etc)... you only have to output the result of the authentication... so, if the result of RPX is positive, you can log the user in your application... it works like any other API. If you have never integrated an API, that's probably where the difficulty is. ciao Luca
[eluser]ChazUK[/eluser]
Ok, I have got it working so that it displays the login selection, and then I can authenticate with one of the OpenID services, and then I am passed back to my site. Now I've got to map the user accounts to mine. And when I want them to logout, do I just have to use my own sessions to log them out?
[eluser]itibook[/eluser]
Hi Chaz, not sure... have a look at the rpx developers forum http://groups.google.com/group/rpx-developers ciao Luca
[eluser]Mat-Moo[/eluser]
Interested to look at this, but the download only has the library and config, no demo/example as stated in post#1?
[eluser]Mat-Moo[/eluser]
Ok, got the login working... I'm confused on this line "if($id = OpenIDRpx::Identifier($data))" what is $id?
[eluser]Unknown[/eluser]
Hello! I don't really want to stop this enthusiasm about rpxnow. I got it working on my project. But suddenly I get a problem trying to log in with my GoogleID. The identifier changed. And the registered users changed. After some googling I got read this blog post: http://blog.nerdbank.net/2009/01/why-usi...-idea.html , which made me thing of certain things, especially his "phishing argument" The problem about the identifier is discussed in this Article on the google group: http://groups.google.com/group/google-fe...counts-api So, not I'm getting about from rpxnow. It might be a great service, but I'll try keeping the program routines under my control. 
[eluser]itibook[/eluser]
I think the post is too cautious in my view... All solutions have pros and cons. The perfect solution doesn't exist. More into details: a user never notices the "realm" redirection, he just wants to login (interesting the issue of the change realm though). Only a developer sees what's going on (no "normal" person looks at the status bar in a browser). The average (i.e. 99.99%) users only see that they can login with their Google or FB account. Sure RPX becomes your single point of failure, but, unless you are a major site, it's risk you can run. Last but not least: time. Yes, you can use libraries for each provider, but how long will it take you? What are the benefits for you? Do you get more visitors because you coded the authentication yourself? I still think that RPX is a good solution to quickly bring down the adoption barriers. And that's something that matters in my view.. ciao Luca |
| Welcome Guest, Not a member yet? Register Sign In |
