« Six Blog Search Engines at a Glance
New useful feature in Google Reader »

Setting up your own OpenID Server

3. May 2007 – 00:04 by Carsten Pötter

There are some people who consider OpenID providers a risk to privacy because providers are able to monitor all the sites users log in with their OpenID; they could sell the precious data for advertising and whatnot.

So what can you do to minimize that risk? Well, first start reading the Terms of Service and Privacy Statements of your OpenID provider. There are some differences between the various providers, so find out which one fits your (security) needs the best.

You’re still not happy? Fear not! Go and set up your own OpenID server. That’s right and if you are really bored you can jot down your very own privacy statement, too.

How to set it up?

Things have become easier recently and even I (read: ignorant to all things tech) have managed to successfully install it. So it shouldn’t be much of a problem for you anyway. Ben Dodson has created phpMyOpenID which is a simple installer based on phpMyID.

So before you start downloading you should make sure that you can provide these things: a PHP powered website or blog, a FTP client, your favourite tool to extract ZIP files, and of course some basic knowledge how to use them. :D

No problem? Great! Now just follow these simple steps and you’re done:

  • download phpMyOpenID
  • extract the folder and upload it to the root directory of your website or blog
  • change permission of the phpmyopenid folder to CHMOD 777 (see help file of your FTP client)
  • run the installation script from this URL:
    http://yourwebsite.com/phpmyopenid/install.php
  • provide a user name and password (and remember it!)
  • follow the instructions and copy the two lines of HTML to the header of your site (look for the <head> tag)
  • try to log in to any OpenID enabled website, then delete install.php and change the permission of the phpmyopenid folder to CHMOD 775
  • be happy :)

Troubleshooting

Those instructions should work for most people. However I got this error message: Missing expected authorization header.
If you get that one try Mike West’s solution. It worked. If you doubt all things work properly, you can try the server tests on openidenabled.com; just make sure you run them in the correct order.

As you have seen it’s pretty easy to run your own OpenID server. If you’re curious and a little bit geeky, give it a try. Nevertheless I have delegated my OpenID to another provider again because I think I can’t provide all security measures a real provider is able to. But that’s up to you, of course.

No related posts.

Comments for this entry | Trackback URL for this entry

  1. 14 Responses to “Setting up your own OpenID Server”

  2. If you drop me an email about the “Missing expected authorization header” error and the steps you took to get to it, then I’ll try and find out where the problem is coming from and fix it in a future release!

    By Ben Dodson on May 3, 2007

  3. I have sent an email. :)

    By Carsten Pötter on May 3, 2007

  4. hi i have successfully installed phpMyOpenID server by following your instructions. But im not getting how the users on my site will get registered with this server. Is there some registration process required. If yes how to tell users about the regisration process.

    thanks in advance.

    I.X.

    By I.X. on Jul 10, 2007

  5. Hi I.X.

    phpMyOpenID is currently only a server for a single user (so it’s really just for you to set up your own account). I will be creating a new release shortly which will allow for multi-user registration so I’ll let you know when this happens!

    Ben

    By Ben Dodson on Jul 10, 2007

  6. Ah sorry, I’m late on this but luckily Ben has answered the question already. And there’s no one who knows better. :)

    By Carsten Pötter on Jul 10, 2007

  7. Hey Ben Dodson’s site is down. Can you mirror PHPOpenID?

    By Robbie Trencheny on Aug 21, 2007

  8. Hello,

    Sorry, I recently upgraded my server and my site is regenerating (as seen by the rather geeky Dr Who tribute on my homepage!) - I’ll get it back up and running this afternoon for you.

    Ben

    By Ben Dodson on Aug 21, 2007

  9. Thanks Ben. But its still not up :(

    By Robbie Trencheny on Aug 22, 2007

  10. Well, I still have the index.php and install.php files on my hard disk. Though I don’t know if those are the current ones. If Ben doesn’t mind I can send them to you by email. Well, that will be in about 19 hrs or so because I have to sleep and work before. ;)

    By Carsten Pötter on Aug 22, 2007

  11. Hey guys - Site is back up now at http://labs.bendodson.com/phpmyopenid/

    This will be changing shortly as I’m completely rebuilding my site but I’ll let you know here when I do it. There might be a new release of phpMyOpenID as well….

    By Ben Dodson on Aug 24, 2007

  12. Hi Guys,

    Just to let you know that I have successfully built a multi-user version of phpMyOpenID (finally!) and am now on the look out for beta testers. I’ve just got to add some nice styling and then a full release will be available on my site, but if you’d like to take a look at the beta version then please drop me a message.

    By Ben Dodson on Feb 24, 2008

  13. Unfortunately, I won’t have much time for beta testing. But would be great if phpMyOpenID was available again. :)

    By Carsten Pötter on Feb 25, 2008

  1. 2 Trackback(s)

  2. Sep 2, 2007: A Beginner’s Guide to OpenID at Not So Relevant
  3. Sep 3, 2007: My Worklog » Blog Archive » OpenID: Some interesting posts…

Sorry, comments for this entry are closed at this time.

Not So Relevant is proudly powered by WordPress Entries (RSS) and Comments (RSS). Theme by Bob