Google迈向以OpenID为基础的网站单点登录
来源:互联网 发布:硬件编程是什么 编辑:程序博客网 时间:2024/05/14 02:01
By Eric Sachs, Google Security Team
目前用户要给自己浏览的许多不同网站创建不同的密码才能正常使用,但他们也倾向于避免这个步骤以便于更方便的访问网站。类似的,互联网上的许多网站已经寻找了一种能够让用户不必设置另外一个密码就可以登录网站的方法。如果能够如此,网站就能够给用户提供更加个性化的体验。
In September we announced some research that we shared as part of an effort by the OpenID community to evaluate the user experience of federated login. Other companies like Yahoo have also published their user research. Starting today, we are providing limited access to an API for an OpenID identity provider that is based on the user experience research of the OpenID community. Websites can now allow Google Account users to login to their website by using the OpenID protocol. We hope the continued evolution of both the technical features of OpenID, as well as the improvements in user experience. will lead to a solution that can be widely deployed for federated login. One of the companies using this new service is www.zoho.com. Raju Vegesna at ZoHo says that "We now offer all our users the ability to login to ZoHo using their Google Account to avoid the need to create yet another login and password."
The initial version of the API will use the OpenID 2.0 protocol to enable websites to validate the identity of a Google Account user, including the optional ability to request the user's e-mail address. Below is an example of the flow that a user might see if he or she starts at a website that uses this new feature:
The website could use a modified login box that looks like the one below. If the user enters a Gmail address and indicates that he or she does not have a password for this site, then the site can redirect him or her to Google.
The user would then be taken to the Google website and asked to confirm whether he or she wants to sign in to KidMallPics.
Finally, the user would be redirected back to KidMallPics, where he or she would be immediately signed in.
More information about this new API can be found on the Open ID page in Google Code. To request access to the limited trial, please visit our Google Federated Login discussion group and register using the online registration form.
Google is also working with the open source community on ways to combine the OAuth and OpenID protocol in the future. That way a website can not only request the user's identity and e-mail address, but can also request access to information available via OAuth-enabled APIs such as Google Data APIs as well as standard data formats such as Portable Contacts and OpenSocial REST APIs. In the future, this should allow a website to immediately provide a much more streamlined, personalized and socially relevant experience for users when they log in to trusted websites.
- Google迈向以OpenID为基础的网站单点登录
- 为您的.NET网站增加OpenID,Window Live,人人网等多种登录方式之一: 增加OpenID登录
- 单点登录三个方法及原理:共享Session、基于OpenId的单点登录、基于Cookie的OpenId存储方案
- 单点登录三个方法及原理:共享Session、基于OpenId的单点登录、基于Cookie的OpenId存储方案
- 怎么保证web网站的单点登录
- Web系统/网站的单点登录
- 网站单点登录
- 网站单点登录实现
- 自定义单点登录页面--在自己的网站使用单点登录进行登录(1)
- 自定义单点登录页面--在自己的网站使用单点登录进行登录(1)
- 互联网扩展功能业务(单点登录/ OPENID / OAuth)
- 架设支持openID的网站
- windows系统下找到网站IP,以google为例
- 自定义单点登录页面--在自己的网站使用单点登录(2)
- 以创新驱动为核心加快迈向制造强省
- 网站跨站点单点登录
- 网站跨站点单点登录
- 网站跨站点单点登录
- Image slide vartical
- 【转帖】Passthru流程图
- 浅谈HTTP状态码的使用
- 在SAP出口增强中调用自定义屏幕。如何进行参数传递
- SOA应用中WebService层的离线对接C#实现
- Google迈向以OpenID为基础的网站单点登录
- 强烈推荐!七个顶级心理寓言(看了受用一生,不看后悔一生)
- SetTimer函数的用法
- 针对PayPal诈骗的方法 支付宝诈骗方法
- 相交圆误差问题
- Linux 启动过程详解
- 国际商务英语学习[三]
- VS2005运行程序时出现“没有找到MSVCP80D.dll"错误的解决方法
- Google的十诫