roller-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ian Kallen <>
Subject Re: roller-openid
Date Sat, 22 Mar 2008 22:25:06 GMT
The other use case is roller as an identity provider; your roller blog 
URL should be an identifier for you. I haven't looked into the API's 
developed here in openid4java ( 
but it might be a place to start. As far as the correctness of the 
implementation, I think the janrain libraries may be the best references 
as far as working code but there are not yet java implementations on 
their code site (

Dave had written and probably intended:
> On Sat, Mar 22, 2008 at 2:53 PM, Tharindu Mathew <> wrote:
>> Is there another implementation that is similar to this. Maybe info card
>>  support. THat I can take a llok to figure out how all the technologies you
>>  have mentioned fit together, and to get an idea to document the
>>  requirements?
> Hmm... perhaps you could look at how Wordpress impements OpenID.
> Here are some more ideas:
> There are two parts of this project. You could do one or both of them
> as both are valuable. But, once you've done one the other might be
> trivially easy. First, there's OpenID for user accounts. Second, there
> is OpenID for commenters. I'll cover each.
> * OpenID for Roller user accounts
> The idea here is to allow users to either register for an account on a
> Roller server using their existing OpenID account and, if possible,
> allow existing Roller users to switch over to using OpenID for logging
> in. There are at least two approaches to this problem:
> 1 - Roller uses Spring Acegi for user authentication and Acegi
> supports Open ID. This approach might be as easy as adding the Aceigy
> OpenID module, tweaking the Acegi security.xml file and doing some
> small code changes to Roller to make OpenID easy to enable via
> Roller's configuration system and easy to use via Roller's login page.
> 2 - In Roller's trunk (i.e. the code for the next release) we have
> made it easier for Roller to use standard Java EE Container Managed
> Authentication (CMA) for user login. CMA means the app server is
> responsible for authentication so folks would have to use an app
> server with OpenID support (possibly by using OpenSSO.
> Approach #1 is probably best, but your changes should not preclude option #2.
> * OpenID for comments
> Once you've got user accounts using OpenID, you might find this to be
> easy. It might involve adding a new role to Roller (we now have
> "admin" and "editor", you'd need to add "user" or "commenter"). You'll
> probably also have to modify the CommentServlet, which accepts comment
> posts and weblog.vm which defines the HTML that is generated in the
> comment form.
> I'm guessing at a lot of this. You'll have to help figure out the
> right path, with the assistance of your mentor (most likely, yours
> truly).
> - Dave

Ian Kallen || Architect, Technorati Inc. || m: 415.505.5208

View raw message