X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/475b4199e1624350b928a002fe83033ee3389b31..2265aef4e61dd2f97c292654a8e1e5a3f7bfda90:/doc/plugins/openid.mdwn diff --git a/doc/plugins/openid.mdwn b/doc/plugins/openid.mdwn index 3fb4c26b8..4c8e0d381 100644 --- a/doc/plugins/openid.mdwn +++ b/doc/plugins/openid.mdwn @@ -17,15 +17,32 @@ only use some other form of authentication, such as [[passwordauth]]. ## options These options do not normally need to be set, but can be useful in -certian setups. +certain setups. * `openid_realm` can be used to control the scope of the openid request. It defaults to the `cgiurl` (or `openid_cgiurl` if set); only allowing ikiwiki's [[CGI]] to authenticate. If you have multiple ikiwiki instances, or other things using openid on the same site, you may choose to put them - all in the same realm to improve the user's openid experience. + all in the same realm to improve the user's openid experience. It is an + url pattern, so can be set to eg "http://*.example.com/" * `openid_cgiurl` can be used to cause a different than usual `cgiurl` to be used when doing openid authentication. The `openid_cgiurl` must point to an ikiwiki [[CGI]], and it will need to match the `openid_realm` to work. + +## troubleshooting + +See [[plugins/openid/troubleshooting]] for a number of issues that may +need to be addressed when setting up ikiwiki to accept OpenID logins reliably. + +## delegation + +This plugin does not take care of doing the "server" part of the +OpenID protocol, only the "client" part. In other words, it allows +users to login to your site through OpenID, but is not in itself an +OpenID provider. + +It is possible, however, to use your Ikiwiki site as a delegation +point to another OpenID provider. For this, use the +[[ikiwiki/directive/meta/]] directive with the `openid` parameter.