openid

I am trying to support "Hybrid" Federated Login and oAuth2 (using logic from this document ) for a webservice which will: support Sign in using your Google account on my site. That is, from the documentation: You can also choose to use Google's authentication system as a way to outsource user authentication for your application. This can remove the need to create, maintain, and secure a username and password store . Access the user's Google Analytics. Here are the steps I have done. I form my request to https://accounts.google.com/o/oauth2/auth with the scopes (Google Analytics) I want access

I want to implement SSO Single Sign On . I found a lot of links and articles talking about CAS OpenID and many different things ,I'm really lost so should i use CAS ? I installed CAS Server and deplyed it into Tomcat What is the next step? Or is this wrong? Can you explain me how can i develop a simple HelloWorld to implement SSO. Many Thanks CAS is a popular implementation of SSO, so installing CAS server is a good first step. You'll need a server for anything you're planning, and you can check that it's working without having any other pieces in place (there are instructions in the INSTALL

1、OAuth2.0简介 　　 OAuth （开放授权）是一个开放标准，允许用户让第三方应用访问该用户在某一网站上存储的私密的资源（如照片，视频，联系人列表），而无需将用户名和密码提供给第三方应用。 　　允许用户 提供一个令牌 ， 而不是用户名和密码来访问他们存放在特定服务提供者的数据 。每一个令牌授权一个特定的网站（例如，视频编辑网站)在特定的时段（例如，接下来的2小时内）内访问特定的资源（例如仅仅是某一相册中的视频）。这样，OAuth允许用户授权第三方网站访问他们存储在另外的服务提供者上的信息，而不需要分享他们的访问许可或他们数据的所有内容。 　　我们这里主要模拟在微信公众号中使用OAuth2.0进行授权，获取用户的基本信息的过程。详细的开发文档可查看微信的官方文档。　　 微信公众平台开发者文档： http://mp.weixin.qq.com/wiki/14/89b871b5466b19b3efa4ada8e577d45e.html 2、获取测试公众账号及其相关配置 1）、公众测试账号获取 　　访问上面的连接，选择“接口测试号申请”获得直接打开 http://mp.weixin.qq.com/debug/cgi-bin/sandboxinfo?action=showinfo&t=sandbox/index 通过微信客户端扫码登录即可登录。 　

I'm just looking for different opinions. Do you consider OpenID a good "Single Sign On" solution? The way it works seems to be a little bit confusing for an average user and there could be problems related to "putting all your eggs in the same basket". Anyway, have anyone tried to implement his own OpenId solution within the context of an Intranet where there are many different applications (Wordpress, Elgg, Media Wiki, ..)?? I consider it could be a great solution to solve the "Digital Identity" problem but I don't know if it will work with the "login once and surf the Intranet" problem.