Configuring For Openid Authentication - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual

The Radius class prompts the user for a token instead of a password. The user can use the drop-
down menu to select between the password and the token. If the user selects to send a
certificate, the username and password/token options become unavailable.

4.4 Configuring for OpenID Authentication

OpenID is an open, decentralized method for identifying users which allows users to use the same
digital identity for logging in to multiple services. You can configure the Identity Server to trust the
provider or providers of OpenIDs by configuring the OpenID class. You then configure a method
and contract and assign a protected resources to use the contract for authentication. When the users
supply the OpenID, they are granted access if the Identity Server has been configured to trust the
provider of the OpenID server.
1 In the Administration Console, click Devices > Identity Servers > Edit > Local > Classes.
2 Click New, then fill in the following fields:
Display name: Specify a name for the class.
Java class: Select OpenIdClass.
The Java class path is configured automatically.
3 Click Next, then configure the following properties:
Open ID Provider Substrings: Specify at least one URL substring of an OpenID provider.
The OpenID URL that user enters during the login process must contain one of the strings as a
subset of the OpenID URL. For example, if user enters
this field needs to contain one of the following strings:
myopenid.com
.myopenid.com
To specify multiple URLs, separate them with a semicolon (;)
https://user123.myopenid.com
Configuring Advanced Local Authentication Procedures 147
,