Admins/OpenID

From Tine 2.0 - Wiki

OpenID is an open, decentralized standard for authenticating users which can be used for access control, allowing users to log on to different services with the same digital identity where these services trust the authentication body. (As described on Wikipedia)

You find out more about OpenID at following pages:

When authenticating using OpenID there are 3 parties involved. The browser of the enduser, the website to login(OpenID consumer) and the server used for authentication(OpenID provider).

Tine 2.0 acts as OpenID provider. You can use your Tine 2.0 installation to login into other OpenID enabled websites. Using Tine 2.0 as OpenID provider means that you can use your TIne 2.0 username and password to login into other websites. Your username and password get's never transmitted to the other website(OpenID consumer). Well known websites allowing OpenID login are Freshmeat and Sourceforge for example.

What's needed for OpenID support?

You need add a rewrite rule to your webservers configuration. A simplified version of an Apache vhost configuration with Tine 2.0 located in the document root would look like this:

<VirtualHost *:80>
   ...
   DocumentRoot /var/www/htdocs/
   
   <Directory /var/www/htdocs/>
      ...
   </Directory>
   
   RewriteEngine on
   RewriteRule ^/users/(.*) /index.php?username=$1 [E=REDIRECT_USERINFOPAGE:true,L]
</VirtualHost>

How does my OpenID look like?

Your OpenID has following format

http(s)://your.web.server/pathToTine/users/<openid>

It's up to you to use https(but it is recommended as you enter your username and password). pathToTine can be empty if you install Tine 2.0 into the document root. <openid> must be configured in user admin dialogue inside Tine 2.0.

If you have less security requirements you can use Tine 2.0 loginname as <openid>. If you don't like to expose your username to the public, then you can also choose a different <openid>. For eample you can use the local part of email address as this is known to the public anyway.