MAA Use Case OpenID

From MemberWiki

Jump to: navigation, search

This is a use-case which is more popular in a Web2.0 type environment which typically tend to favor Openid. There could be a couple of ways in which this could be implemented. One particular deployment we have seen is: 

   c1. user authenticates to mashup server 
   c2. mashup page loads gadget from gadget server. 
   c3. gadget server uses "identifier-select" mode of Openid and redirects to the Mashup server's Openid Provider URL 
   c4. after the appropriate response message and validation by the gadget server, gadget is loaded into mashup.

Another possibility is for the mashup page to include the "openid identifier" in the initial load request from the gadget server. The rest of the protocol follows c3-c4. This has some security issues and needs to be implemented with appropriate validation at the gadget server.

Retrieved from "http://www.openajax.org/member/wiki/MAA_Use_Case_OpenID"
Personal tools