The easiest way to run your own OpenID provider?
A few years ago, I was looking for a quick and easy way to run OpenID on a small web server.
A range of solutions were available but some appeared to be slightly more demanding than what I would like. For example, one solution required a servlet container such as Tomcat and another one required some manual configuration of Python with Apache.
I came across the SimpleID project. As the name implies, it is simple. It is written in PHP and works with the Apache/PHP environment on just about any Linux web server. It allows you to write your own plugin for a user/password database or just use flat files to get up and running quickly with no database at all.
This seemed like the level of simplicity I was hoping for so I created the Debian package of SimpleID. SimpleID is also available in Ubuntu.
Help needed
Thanks to a contribution from Jean-Michel Nirgal Vourgère, I've just whipped up a 0.8.1-14 package that should fix Apache 2.4 support in jessie. I also cleaned up a documentation bug and the control file URLs.
Nonetheless, it may be helpful to get feedback from other members of the community about the future of this package:
- Is it considered secure enough?
- Have other people found it relatively simple to install or was I just lucky when I tried it?
- Are there other packages that now offer such a simple way to get OpenID for a vanilla Apache/PHP environment?
- Would anybody else be interested in helping to maintain this package?
- Would anybody like to see this packaged in other distributions such as Fedora?
- Is anybody using it for any online community?
Works with HOTP one-time-passwords and LDAP servers
One reason I chose SimpleID is because of dynalogin, the two-factor authentication framework. I wanted a quick and easy way to use OTP with OpenID so I created the SimpleID plugin for dynalogin, also available as a package.
I also created the LDAP backend for SimpleID, that is available as a package too.
Works with Drupal
I tested SimpleID for login to a Drupal account when the OpenID support is enabled in Drupal, it worked seamlessly. I've also tested it with a few public web sites that support OpenID.