in Security, Web

OpenID authentication with the mod_auth_openid Apache module

mod_auth_openid is an authentication module for the Apache 2 webserver. It handles the functions of an OpenID consumer as specified in the OpenID 2.0 specification.

After a user authenticates themselves, the user’s identity will be available in the REMOTE_USER variable. A cookie named open_id_session_id is saved to maintain each user’s session.

1. Install the module

apt-get install libapache2-mod-auth-openid

2. Enable the module

a2enmod authopenid

3. You can now add the line below to any Directory, Location or File directive in the virtual host configuration or a .htaccess file .

AuthOpenIDEnabled On

Click here for more configuration options, including only allowing logins from specific OpenID providers and using a custom login page

4. Restart Apache

/etc/init.d/apache2 restart

Write a Comment

Comment

  1. Tried it on Ubuntu Maverick, and the Apache module is not created. What’s missing is (from the original doc at http://findingscience.com/mod_auth_openid/):

    Verify that the module has been enabled in your ”httpd.conf”:

    # note that the path to your module might be different
    LoadModule authopenid_module /usr/lib/apache2/modules/mod_auth_openid.so

    (in my case, this was the only line in httpd.conf). Then everything works like a charm.