Issues

ZF-4949: Incorrect handling of delegation to LiveJournal

Issue Type: Bug Created: 2008-11-14T04:17:28.000+0000 Last Updated: 2011-02-18T07:41:43.000+0000 Status: Resolved Fix version(s): Reporter: Ciaran McNulty (ciaranmcnulty) Assignee: Ralph Schindler (ralph) Tags: - Zend_Auth_Adapter_OpenId

Related issues: Attachments:

Description

I have delegated my site's (ciaranmcnulty.com) OpenID to my LiveJournal account with the following in the head of the html:

<meta http-equiv="X-XRDS-Location" content="http://ciaranmcnulty.livejournal.com/" />
<link rel="openid.server" href="http://<a rel="nofollow" href="www.livejournal.com/openid/server.bml">www.livejournal.com/openid/server.bml</a>" />
<link rel="openid.delegate" href="http://ciaranmcnulty.livejournal.com/" />

I used the example code from the reference guide to create a simple OpenID login page. However, the identity returned by the adapter varies:

  1. If I'm already authenticated with LiveJournal my identity is returned (correctly) as http://ciaranmcnulty.com
  2. If I am logged out of LiveJournal and need to authenticate, my identity is returned as http://ciaranmcnulty.livejournal.com

I believe it should be the same in both cases, i.e. delegation should be transparent to users of the adapter.

It may be that this is an error at the LJ end rather than in the component and I'm happy to report it to LJ if that is the case.

Comments

Posted by Ciaran McNulty (ciaranmcnulty) on 2008-11-14T08:34:35.000+0000

As an additional data point, I can log into another OpenID site (stackoverflow.com) with my ciaranmcnulty.com OpenID and it recognises me as ciaranmcnulty.com even if I've had to log in at LiveJournal.

Posted by Ralph Schindler (ralph) on 2011-02-18T07:41:43.000+0000

Can you provide some bits of code that can better demonstrate the issue? I am inclined to say that the LJ implementation might be triggering the behavior you are seeing. If this is still an issue for you, please attach a reproduction case and reopen.

Have you found an issue?

See the Overview section for more details.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts