OpenID defines a way to log into various web sites
using a single user identity in the form of a URL. This reduces the
number of passwords a person has to remember and makes it a lot easier
to log into web sites. Perhaps equally important, every domain owner can
operate his/her own OpenID provider/identity server software to authenticate
users.
When we looked for software to allow us to utilize OpenID on Packetizer,
we did not find any
software packages
that we really liked. We wanted something that presented very low overhead,
integrated with our existing database, and worked with the Apache web server.
So, we decided to write our own server software. It is designed to be
easily integrated into web sites that have similar
LAMP-style
configurations like ours.
We provide the software we are using for anyone to use, modify, or
adapt for use in other software packages. It's entirely free, open source
software. Note that this is an initial release of the software and
you might find some bugs. We're interested in fixing bugs, but
unfortunately we cannot provide technical support for end users. That said,
we would be happy to work with other developers to improve the software.
We also created a
discussion forum
for those who wish to ask questions, provide suggestions, etc.
Highlights:
- Written in Perl
- Utilizes MySQL
- Written to run in Apache
- Supports multiple users
- Login and user pages are "templates" that are easily customized
- Implements every mandatory message exchange in OpenID 2.0
- Implements much of the OpenID 1.1 specification ("dumb" mode described in the 1.1 spec has not been tested)
- Supports deployments that use HTTP or HTTPS
- Password validation routine is separated from the login page to optionally allow one to use HTTP for identifiers, but HTTPS to actually validate the user password
- Supports both (HMAC|DH)-SHA1 and (HMAC|DH)-SHA256
- Entirely free open source with no licensing restrictions