Friday, November 14, 2008

OpenID woes

Today's topic is the Acegi plugin (Spring Security) for grails . It doesn't work out of the box. This guy seems to have done some work with it and even claims to have the thing working for his site, but even if my user authenticates at myopenid.com I'm still not allowed into my experimental site. *grrr* (this was more of a rant than I wished when I started writing, but that is how things work out sometimes).

Update: I figured out what was wrong ;) It was simply that when typing in my OpenID URL, (http://xxxx.myopenid.com) I was inconsistent with regards to typing a terminating "/" or not. Big difference! acegi uses the entire url as an user identifier, and a difference of one character makes a difference. I would characterize this as a bug, since it means that semantically identical but syntactically different URLs map to different user identities.