Setup and install of multiuser phpMyID (OpenID) under Plesk
Been having a look at OpenID. It seems like a really good idea. I have loads of user names and passwords to all the support sites on the internet. You try and pick the same one on each but occasionally there is another joebloggs out there who steals your user name so you have to select another like joebloggs2. And because that web site has a different policy for their password security your usual 8-letter password is now not enough because they want at least 10 with some punctuation. So you have all these user names and all these passwords and the only thing you can do to remember them is write them all down on a post-it and stick it to your monitor! Not very secure!
OpenID tries to address the problem of decentralised authentication. It is trying to create a single sign-on for the internet.
Being a Paranoid Penguin, I don’t want to entrust a corporate giant, with access to all my other accounts, so I had a hunt for an OpenID implementation that I could set up on my own server. I discovered phpMyID.
phpMyID is a single user OpenID server. The package consists of just 2 PHP files!. It doesn’t need access to a database or anything really! It’s just the 2 files!
There is a README file with some easy to follow instructions but I’ll outline the salient points and the problems I had.
- It goes without saying that you make sure that your web server has PHP running in your domain!
- Go to a convenient place under your document root and create a folder to put your configuration files.
- Create a directory for the installation:
$root/openid
, where $root is your document root. - Go into it and download the program body:
wget https://www.siege.org/svn/oss/phpMyID/trunk/MyID.php
- Now create a folder for each user:
mkdir mrn
- Go into each folder and download the configuration file:
wget https://www.siege.org/svn/oss/phpMyID/trunk/MyID.config.php
- Next configure each user.
- Load the configuration file (
MyID.config.php
) into your favourite text editor and change the last line fromrequire(’MyID.php’);
torequire(’../MyID.php’);
- In your web browser goto http://www.example.co.uk/openid/mrn/MyID.config.php and make a note of the Realm
- Now we have to create our user name and password. On the command line enter:
echo -n ‘username:realm:password’ | openssl md5
where username is your username, realm is the Realm you made a note of earlier and password is your password. This gives you an MD5 hashed encoded string. - Edit the user’s
MyID.config.php
and change the auth_username to the user name you have just invented and the auth_password to the hashed password you have just created. - Now we must test our login mechanism. From your web browser goto:
http://www.bigsoft.co.uk/openid/mrn/MyID.config.php
and click Login. - Under Plesk I get the message
Missing expected authorization header.
so I need to configure the web server to allow the PHP variablePHP_AUTH_DIGEST
to be set by the web server. - Download the example
htaccess
file from the phpMyID site and place it in$root/openid/mrn/.htaccess
. - Edit the
.htacess
file and uncomment option 3 (mod_setenvif) - Finally we need to set up a url location that tells the OpenID mechanism where the
openid.server
andopenid.delegate
are. - In our user’s directory
$root/openid/mrn
create a file calledindex.html
and fill it with the following:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <link rel="openid.server" href="http://www.bigsoft.co.uk/openid/mrn/MyID.config.php"/> <link rel="openid.delegate" href="http://www.bigsoft.co.uk/openid/mrn/MyID.config.php"/> </head> <body> Nothing to see here, move along. </body> </html>
- Now go to the web site that supports OpenID and login with the url
http://www.bigsoft.co.uk/openid/mrn/
- You will be presented with a login from your server asking you to login. Enter the username and password that you used in step 10 and away you go.
3 comments
Its really impressed me buddy can you create it for my website?
Comment from: Bali Villas [Visitor]
I love openid, they make mi simple
very usefull
Form is loading...