OpenID

Forcing Login

Does Yahoo OpenID support the PAPE max_auth_age variable? I would like to force users to have to login again, simply because I want to give them a choice to "sign in as another user"

anonymous
May 7, 2010

1 Reply

- omiga
- May 8, 2010
Hi,

We support max_auth_age in the OpenID PAPE extension.
Our current implementation requires that at least
the following parameters if you want Yahoo! OP to
prompt the user for password unconditionally:

openid.ns.pape=http://specs.openid.net/extensions/pape/1.0
openid.pape.max_auth_age=0
openid.pape.preferred_auth_policies

The last parameter's value should be "http://schemas.openid.net/pape/policies/2007/06/none"
even if you don't have any preferred auth policies though we will
allow it to be empty in our future OpenID implementation update.

The auth polices we support include:
http://schemas.xmlsoap.org/ws/2005/05/iden...sonalidentifier
http://www.idmanagement.gov/schema/2009/05/icam/no-pii.pdf
http://www.idmanagement.gov/schema/2009/05...rust-level1.pdf
for which you can find more information here:
http://www.idmanagement.gov/drilldown.cfm?...=openID_openGOV

Thanks,
Yu Wang

Report Abuse

0

Ask a Question

Yahoo! Developer Network

OpenID

Forcing Login

Recent Posts