my reply to Christian. ---------- Forwarded message ---------- From: Ivan Kurmanov <duraley@gmail.com> Date: Tue, Apr 24, 2012 at 11:45 AM Subject: Re: OpenID To: Christian Zimmermann <zimmermann@stlouisfed.org> The OpenID standard does not provide a means for exposing the user name or other details from the provider (RAS in our case) to the relying part (CitEc in our case). It only provides a means to check if the user is registered and actually controlling the URL he has provided. For example, if the user is actually the owner of the profile page. To expose the name and shortid we will need to somehow extend the OpenID protocol or simply let the relying party parse the profile page and extract the needed data from there. -ivan On Thursday, April 19, 2012, Christian Zimmermann wrote:
I think the name is essential. having the short-id separately would be good as well. That is: the using service would not need to parse the URL.
On Wed, 18 Apr 2012, Ivan Kurmanov wrote:
Jose,
On Tue, Mar 20, 2012 at 11:59 AM, Jose Manuel Barrueco <barrueco@uv.es> wrote:
Great! I'm ready to follow your advice in this issue. The script that could beneficiate of RAS-mediated authentification is:
http://citec.repec.org/cgi-****bin/ui.pl<http://citec.repec.org/cgi-**bin/ui.pl> <http://citec.repec.**org/cgi-bin/ui.pl<http://citec.repec.org/cgi-bin/ui.pl>
it is used to submit references to the cited database. At the moment it requires local users/passwd. The idea woudl be to use RAS users so that we don't need to register them locally.,
OpenID authentication by itself would mean you'll be able to tell if the user is a registered RAS user (or not), and you'll have some URL that is related to the user and is unique. For example, the user's profile page URL.
Additionally, we can plan that you'll have the user's short-id (it will be part of the URL). Do you need any other details from RAS about the user? (like his name, for example)
-ivan
On Tue, Mar 20, 2012 at 11:59 AM, Jose Manuel Barrueco <barrueco@uv.es
wrote:
Great! I'm ready to follow your advice in this issue. The script that could beneficiate of RAS-mediated authentification is:
http://citec.repec.org/cgi-****bin/ui.pl<http://citec.repec.org/cgi-**bin/ui.pl> <http://citec.repec.**org/cgi-bin/ui.pl<http://citec.repec.org/cgi-bin/ui.pl>
it is used to submit references to the cited database. At the moment it requires local users/passwd. The idea woudl be to use RAS users so that we don't need to register them locally.,
Regards,
On Mon, 19 Mar 2012, Ivan Kurmanov wrote:
Jose,
Christian says there's a good place in CitEc to use OpenID integration with RAS. I understand it that some script (or a bunch of them) could benefit from RAS-mediated authenticated. I'm approaching this part of my work on ACIS now. I'd be happy to work with you on building this integration from both sides: me from the RAS side, you from the CitEc side. What do you think?
-ivan
--- José Manuel Barrueco http://www.uv.es/=barrueco
-- Christian Zimmermann FIGUGEGL! Economic Research Federal Reserve Bank of St. Louis P.O. Box 442 St. Louis MO 63166-0442 USA http://ideas.repec.org/zimm/