Flux CMS as OpenID server

[ ] [ ] by Christian Stocker @ 08.09.2005 18:10 CEST

Flux CMS (and all Freeflux accounts) is now also an OpenID server. OpenID is a is a decentralized identity system and all it does is provide a way to prove that you own a URL (identity). And it does this without passing around your password, your email address, or anything you don't want it to (Most of this text is from their website).

What can you do now with this? Not much yet, as OpenID is quite new and not very widespread, but LiveJournal already supports it (the main developer of OpenID is Brad Fitzpatrick, the founder of LiveJournal). This means, that if you go to their OpenID login page, you can type in there your Flux CMS or Freeflux URL (like foobar.freeflux.net) and you will be automatically logged in (if you logged in to your Flux CMS account before, if not, you will be asked to do it). And the first time you have to approve, that you allow LiveJournal.com to get your identity. More demos can be seen here.

It is expected that more and more sites support OpenID (there are already WordPress and Moveable Type Plugins available), therefore this could get quite useful. The advantage for you is, that you don't have to remember passwords and usernames on OpenID enabled sites for proving that you really are you.

For the Flux CMS implementation, I just took the library from videntity.org and adjusted the server example a little bit to our needs. That's why it doesn't look right now like the rest of the CMS and there's no management screen for it. It's pretty basic, but does the work. Our further plans are to integrate an OpenID consumer into the comment system, so that you don't have to type your details over and over again and that it proves that it's really you. More ideas are in my mind, let's see, how this develops :)

If you have your own theme or edited master.xsl, you will not have the right line in your html head. Just add

<link rel="openid.server" href="{$webroot}admin/webinc/openid/" />

to your /html/head part in master.xsl and it should work. If it doesn't, please tell us.

And if you want to use that on your own server, make sure the PHP extensions gmp and mhash are installed. There are alternatives written in PHP in the library from videntity.org, but for some reasons they didn't work.

One missing feature currently is also, that there's only one identity per CMS instance, meaning that if you have different users on one installation, all have the same identity (the URL). This will change some day.

Tags:
Related Entries:
New comment mode: Default (and some hints about more features to come)
Location: Bitflux Office (47.380, 8.527)
Comments (1)  Permalink