Skip to Content.
Sympa Menu

shibboleth-dev - RE: [Shib-Dev] Shibboleth IdP OpenID Extension

Subject: Shibboleth Developers

List archive

RE: [Shib-Dev] Shibboleth IdP OpenID Extension


Chronological Thread 
  • From: Etan Weintraub <>
  • To: "" <>
  • Subject: RE: [Shib-Dev] Shibboleth IdP OpenID Extension
  • Date: Tue, 31 Aug 2010 14:19:03 -0400
  • Accept-language: en-US
  • Acceptlanguage: en-US

So...about 8 and 1/2 months later....I finally got the ability (read "time")
to test this plugin out, and so far it seems to work well. I am having one
instance of problem though.

I'm trying to link my Facebook account to my OpenID account and when I do, I
get a message back that says:
OpenID signature error
The signature given by the OpenID provider did not match.

Any ideas what that means? No errors in my shib logs.

-Etan E. Weintraub
Team Leader - Enterprise Authentication
Senior Systems Engineer - Enterprise Directory
IT@Johns
Hopkins Johns Hopkins at Mt. Washington
5801 Smith Ave.
Suite 3110B
Baltimore, MD 21209
Phone: 410-735-7945
E-mail:



-----Original Message-----
From: Etan Weintraub
[mailto:]

Sent: Thursday, December 17, 2009 4:34 PM
To:

Subject: RE: [Shib-Dev] Shibboleth IdP OpenID Extension

* PGP Signed: 12/17/09 at 16:34:18

Thanks Will. I'm going to try this out in our dev environment either tomorrow
or sometime next week. I'll let you know how it goes.

-Etan E. Weintraub
Team Leader - Enterprise Authentication
Senior Systems Engineer - Enterprise Directory
IT@Johns
Hopkins
Johns Hopkins at Mt. Washington
5801 Smith Ave.
Suite 3110B
Baltimore, MD 21209
Phone: 410-735-7945
E-mail:



-----Original Message-----
From: Will Norris
[mailto:]

Sent: Thursday, December 17, 2009 4:29 PM
To:

Subject: [Shib-Dev] Shibboleth IdP OpenID Extension

As many people are aware, we've been working for the last few months to add
OpenID support to the Shibboleth IdP. I'm happy to say that we have an
initial IdP extension that is ready for testing by the general Shibboleth
community.

In the process of developing this extension, we identified a number of APIs
in Shibboleth that cause considerable headache for supporting non-SAML and
non-XML based protocols. This is important to note for two reasons. First,
it means that not all the features we set out to support are included in this
initial release. Of particular note, there is currently no support for user
attributes. Second, as we continue to work out these issues, I expect the
extension to change quite considerably in future releases... in terms of
code, configuration, as well as features.

This initial release is provided as a proof of concept, and should be treated
as such. It is not recommended to use this in anything remotely resembling a
production deployment. While we are committed to continuing this work, and
intend to provide an OpenID solution of the quality people have come to
expect of Shibboleth, this initial release is most certainly not it.

Will that being said, you can read more about the IdP OpenID Extension at:

https://spaces.internet2.edu/display/SHIB2/IdP+OpenID

Please direct any questions and feedback to this mailing list
(shibboleth-dev).

* Etan Weintraub
<>
* 0x33B0BED5


  • RE: [Shib-Dev] Shibboleth IdP OpenID Extension, Etan Weintraub, 08/31/2010

Archive powered by MHonArc 2.6.16.

Top of Page