[TYPO3-dev] OpenID for TYPO3 Backend issues
Dmitry Dulepov
dmitry.dulepov at typo3.org
Tue Nov 30 10:27:03 CET 2010
Hi!
Søren Malling wrote:
> I know that you are the author behind this extension, so you might
> have a "are you dumb, of course it works" experience;-)
>
> Is there any information i can provide that will make it possible to
> debug this issue?
The problem is that I never hit a problem with logins :) There was a
problem some time ago with Yahoo: it was using one address for login but
returned another address in response. The spec does not forbid this but
does not allow it either, so it was a border case. If I remember correctly,
we patched the core for that case. But I can be mistaken (details are in
the BT). This is the only problem case I know.
I have to use OpenID at work and I know many other companies use it too. So
I suggest to try with some other OpenID provider (Yahoo, Google,
LiveJournal, etc) and see if it helps. If it does not, there is no easy
solution. It needs investigation and that can be tought task because OpenID
uses multiple request/response with encryption even when it looks like a
single redirection to their server. So it is always hard to debug&fix.
--
Dmitry Dulepov
TYPO3 core&security team member
Twitter: http://twitter.com/dmitryd
Read more @ http://dmitry-dulepov.com/
More information about the TYPO3-dev
mailing list