Now that WordPress.com blogs include an OpenID server for free and most WordPress users have an account there as they need it for Akismet to work, it turns out they can use it as the invisible back end to authenticate via their own WordPress blogs (hosted elsewhere) using the concept of delegation.
I thought it would be interesting to try and get OpenID delegation going on this blog as a proof of concept, and because I’m tired of commenting on Tim Connors blog as anonymous. 🙂
Now whilst OpenID delegation requires nothing more than a couple of lines of HTML, on a site that is dynamically generated like a blog you need a bit of code to add that into the front page, otherwise it’s not going to work. With WordPress that is done via plugins and casting around I found Eran Sandler’s OpenID Delegate plugin which I took for a spin.
It’s easy to install, a single PHP file in your wp-content/plugins directory, and then an OpenID Delegation item appears in your Option menu. Clicking on that and you will see three cryptically named options:
OpenID Server Url– this is the URL that access the OpenID server code
OpenID Delegate Server Url– this is the URL for the OpenID that you possess
OpenID XRDS Url– this is a URL for a special file that is supposed to control the delegation
Initially I tried setting http://????.wordpress.com/ for each field (where ???? is the name of my blog at WordPress.com) and that almost, but not quite, seemed to work according to the OpenID validator. It took me a while to figure out what was needed, but from this forum thread I found a clue that I’d missed a necessary option on the OpenID Server URL.
So, what got it to work for me (and presumably will for you too) is:
OpenID Server Url: http://yourblog.wordpress.com/?openidserver=1
OpenID Delegate Server Url: http://yourblog.wordpress.com/
OpenID XRDS Url: http://yourblog.wordpress.com/
The proof that it works ?
A successful comment on Tim’s Live Journal using my blog as the OpenID server. That’s enough to make me happy..