52 lines
2.0 KiB
Markdown
52 lines
2.0 KiB
Markdown
[[!template id=plugin name=openid core=1 author="[[Joey]]"]]
|
|
[[!tag type/auth]]
|
|
|
|
This plugin allows users to use their [OpenID](http://openid.net/) to log
|
|
into the wiki.
|
|
|
|
The plugin needs the [[!cpan Net::OpenID::Consumer]] perl module.
|
|
Version 1.x is needed in order for OpenID v2 to work.
|
|
|
|
The [[!cpan LWPx::ParanoidAgent]] Perl module is strongly recommended.
|
|
The [[!cpan LWP]] module can also be used, but is susceptible to
|
|
server-side request forgery.
|
|
|
|
The [[!cpan Crypt::SSLeay]] Perl module is needed
|
|
to support users entering "https" OpenID urls.
|
|
|
|
This plugin is enabled by default, but can be turned off if you want to
|
|
only use some other form of authentication, such as [[passwordauth]].
|
|
|
|
## options
|
|
|
|
These options do not normally need to be set, but can be useful in
|
|
certain setups.
|
|
|
|
* `openid_realm` can be used to control the scope of the openid request.
|
|
It defaults to the `cgiurl` (or `openid_cgiurl` if set); only allowing
|
|
ikiwiki's [[CGI]] to authenticate. If you have multiple ikiwiki instances,
|
|
or other things using openid on the same site, you may choose to put them
|
|
all in the same realm to improve the user's openid experience. It is an
|
|
url pattern, so can be set to eg "http://*.example.com/"
|
|
|
|
* `openid_cgiurl` can be used to cause a different than usual `cgiurl`
|
|
to be used when doing openid authentication. The `openid_cgiurl` must
|
|
point to an ikiwiki [[CGI]], and it will need to match the `openid_realm`
|
|
to work.
|
|
|
|
## troubleshooting
|
|
|
|
See [[plugins/openid/troubleshooting]] for a number of issues that may
|
|
need to be addressed when setting up ikiwiki to accept OpenID logins reliably.
|
|
|
|
## delegation
|
|
|
|
This plugin does not take care of doing the "server" part of the
|
|
OpenID protocol, only the "client" part. In other words, it allows
|
|
users to login to your site through OpenID, but is not in itself an
|
|
OpenID provider.
|
|
|
|
It is possible, however, to use your Ikiwiki site as a delegation
|
|
point to another OpenID provider. For this, use the
|
|
[[ikiwiki/directive/meta/]] directive with the `openid` parameter.
|