With all the news of big companies like Yahoo!, IBM, Google, Verisign and Microsoft throwing their weight behind OpenID, I thought I'd investigate this avenue and ultimately ended up jumping on the bandwagon.
The whole point of OpenID is you could use one identity to gain access to a multitude of websites. This is a great idea, but I'm not comfortable with someone else proving who I am. I like to do this myself, so I set to creating my own OpenID server.
This document will detail how you too can setup your own, single identity, OpenID provider (IdP), with cruft free URIs, using phpMyID. Don't worry, it's not a particularly complex process and shouldn't take you more than about 30 minutes to setup, regardless of operating system.
Once finished, you can use your website URI (I use lildude.co.uk) as your OpenID.
<?php echo md5("username:phpMyID:password") ?>
You need to replace "username" with the username you wish to use and "password" with the secure password you wish to use. Do NOT change the "phpMyID" string.
MyID.config.phpand change the following two lines:
'auth_username' => 'test', 'auth_password' => '37fa04faebe5249023ed1f6cc867329b',
Set 'auth_username' to he username you used in step 2, and set 'auth_password' to the string you got from one of the methods detailed in step 2.
In theory, that's all that's needed, you could now go ahead and upload the directory and set the appropriate headers (more on those later) however I said we'd make things cruft free, so lets carry on.
index.php, and if necessary configure your web server to allow
index.phpas a valid DirectoryIndex. Whilst you're at it, rename the
phpMyID-0.8directory to something simple like
idfor ease of use.
Now if you were to upload the
id directory to the root of your web site, your OpenID Provider (IdP) URI would be
http://yourdomain/id/. Take note of this, you'll need it in a moment.
index.phpfile in the
iddirectory and uncomment (remove the # sign) the '
idp_url' line and set the value to your IdP determined above. Mine is:
'idp_url' => '/id/'
Whilst you're at it, feel free to uncomment and set appropriate values for the "Simple Registration Extension" (SREG) section of this file. This helps sites you login with using your OpenID to gather useful information about you. See the SREG spec for more details.
If you feel the need to change anything else in this file, please consult the
README.txt supplied with phpMyID BEFORE making any changes.
iddirectory to your web server and check your setup. In the box that appears enter your IdP determined in step 4. If all goes well, you should get a "Try Logging in" link and logging in using the username and password you set in step 2 should succeed.
/id/part. To do this, add the following lines to the header of your main site:
<link rel="openid.server" href="http://yourdomain/id/" /> <link rel="openid.delegate" href="http://yourdomain/id/" />
Set the href values to your IdP URI (both entries must be the same), and check your setup again. This time, enter your main website address, eg http://yourdomain, in the "Check an ID" box. This should work as before.
That's it. Now you can login to sites that accept OpenID using your main website URI. In my case, I use /.
If you want a simple multi-user OpenID implementation, then why not check out Clamshell - it's phpMyID with the added multi-user functionality added on.
Feel free to post comments to this post using your new OpenID and see how the SREG information is used to populate your name, email and URI (this will be your OpenID URI) for your comment.