[Catalyst] Re: New credential --
Catalyst::Authentication::Credential::OpenID
Aristotle Pagaltzis
pagaltzis at gmx.de
Tue Apr 8 01:22:20 BST 2008
Hi Ashley,
* Ashley <apv at sedition.com> [2008-04-07 20:10]:
> http://search.cpan.org/dist/Catalyst-Authentication-Credential-OpenID/
is there any way to tell which OpenID provider was used for a
particular credential? F.ex. a company might use OpenID as its
SSO mechanism, by setting up an OpenID provider for employees, in
which case an internal app might want to grant extra trust to
OpenIDs from that provider (or reject IDs from other providers
altogether).
OK, in this particular example you could get away with accepting
only OpenIDs of a particular form. But delegation is an integral
part of OpenID and in other similar scenarios on the open web it
would be interesting to know the provider, not just the identity.
A quick skim of Net::OpenID::Consumer does not reveal a way to
get at this, however… is there?
Regards,
--
Aristotle Pagaltzis // <http://plasmasturm.org/>
More information about the Catalyst
mailing list