«
»

mod_python OpenID Access Control

Since XRI is pretty much in bed with OpenID and NeuStar is an XRI shop, I get to play around with it quite a bit.

Here’s a little success report about using JanRain‘s mpopenid module to protect certain restricted resources served by Apache. It works somewhat like your basic HTTP authentication, but instead of returning a 401 Authorization Required response causing the browser to prompt for username and password, it redirects you to the OpenID login page. Pretty neat eh?

So, here's how we go about doing it.

My ingredients:

Following the recipes in this README file, I was able to set it up with one caveat: Python ElementTree module is a dependency of the Python Yadis library and you need to first install that.

Did I mention that you could login using an I-name?

UPDATE:

The following patch for mpopenid.py is needed to make i-name login work:

--- mpopenid-1.2.0-pre5/mpopenid.py     Tue Nov 21 20:24:53 2006
+++ mpopenid-1.2.0-pre5-wil/mpopenid.py Sun Jan 14 16:12:16 2007
@@ -157,10 +157,17 @@
         url = s.strip()
         if not url:
             continue
-        parsed = urlparse.urlparse(url)
-        if not (parsed[0] and parsed[1]):
-            url = 'http://' + url
-        urls.append(urinorm(url))
+
+        if (url[0:6].lower() == "xri://"):
+            url = url[6:] # strip "xri://"
+
+        if (url[0] not in "=@!$+"): # doesn't look like an XRI
+            parsed = urlparse.urlparse(url)
+            if not (parsed[0] and parsed[1]):
+                url = 'http://' + url
+            url = urinorm(url)
+
+        urls.append(url)

     return urls



No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

This entry was posted on Monday, January 15th, 2007 at 1:23 am and is filed under identity, iname, neustar, openid, xri. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.


16 Responses to “mod_python OpenID Access Control”

  1. dready blog v2.0 » Blog Archive » This blog is OpenID enabled! Says:
    January 15th, 2007 at 12:35 pm

    [...] dready blog v2.0 « mod_python OpenID Access Control [...]

  2. =wil Says:
    January 15th, 2007 at 9:19 pm

    This is a test

  3. http://if20.net/ Says:
    January 15th, 2007 at 10:23 pm

    Nice job. I will test it in my PC. Thanks.

  4. Does Google use PageRank? No. at 天真:天眞的我们必然幸福 Says:
    January 15th, 2007 at 10:46 pm

    [...] 15th, 2007 · Filed: WordPress · OpenID · No Comments · Popularity: 1% # mod_python OpenID Access Control Here’s a little success reportabout using JanRain’s mpopenid module to protect certain restricted resources served by Apache. It works somewhat like your basic HTTP authentication, but instead of returning a 401 Authorization Required response causing the browser to prompt for username and password, it redirects you to the OpenID login page. Pretty neat eh? [...]

  5. http://openid.aol.com/alexissmirnov Says:
    February 16th, 2007 at 5:55 am

    Every AOL account now has its own openID
    http://journals.aol.com/panzerjohn/abstractioneer/entries/2007/02/15/aol-and-openid-where-we-are/1406

    Trying mine

  6. http-awz.openid.freelogy.org- Says:
    June 3rd, 2007 at 11:50 am

    Thanks for the entry. –awz

  7. =gmw Says:
    August 1st, 2007 at 6:58 am

    Thats awesome wil. Can I join the Cult of Wil Worshipers?

  8. wil Says:
    August 3rd, 2007 at 3:12 am

    @=gmw You have to first pay $100K to join the FeedWil Foundation first.

  9. infomisa.net» Blog Archive » OpenID "Hello World" on apache still deep magic Says:
    September 22nd, 2010 at 8:37 am

    [...] to find a version of python-openid that matched. I almost gave up at that point, but heartened by somebody else who got mpopenid working, I went back to searching and found a launchpad development version of mpopenid. That seems to work [...]

  10. Frank van Soldt Says:
    May 8th, 2011 at 6:15 am

    Hey sweet little mod you made there. Thanks for the entry.

  11. Angela Says:
    November 26th, 2012 at 12:32 pm

    I did not expect Canada to be back this year. hopefully this will be their last..

  12. Kay Says:
    April 5th, 2013 at 5:24 pm

    The Photo Expo sounds like a great time! : D

  13. автоматы вулкан Says:
    May 14th, 2013 at 3:17 pm

    This is the year 2012, quit being so old fashioned. Cheryl is great!

  14. nnn Says:
    May 14th, 2013 at 9:17 pm

    The people who have a routine of morning walk can absorb the sunlight. Sunlight of early morning contains the Vitamin D. It means you can get this vitamin without spending money. It is a natural and free source of vitamins. You are suggested to focus on these sources to be healthy. <a href="http://www.cureacnemarks.com” target=”_blank”>www.cureacnemarks.com

  15. pinky Says:
    May 14th, 2013 at 9:18 pm

    <a href="http://www.cureacnemarks.com” target=”_blank”>www.cureacnemarks.com The people who have a routine of morning walk can absorb the sunlight. Sunlight of early morning contains the Vitamin D. It means you can get this vitamin without spending money. It is a natural and free source of vitamins. You are suggested to focus on these sources to be healthy.

  16. jackwhite521 Says:
    May 21st, 2013 at 3:16 pm

    jackwhite521

    I am really impressed from your immaginative thinking and impressive stated information, i am glad.
    dallas internet marketing consultants.

    marketing agency dallas