OpenID is a single sign-on standard implemented by multiple vendors. Users can register for an ID with the vendor they trust. The credential issued by that vendor can be used by all the web sites that support OpenID. Some high profile OpenID vendors are Google, Paypal, Amazon, and Microsoft. Please see the OpenID site for a more complete list.
With OpenID, users don’t have to register for a new account on every site which requires an account. Users register on one site (the OpenID provider’s site) and then use those credentials to authenticate to many web sites which support OpenID. Web site owners sometimes struggle to build communities because users are reluctant to register for another account. Supporting OpenID removes that barrier, making it easier for site owners to build their communities. All the account information is kept with the OpenID provider, making it much easier to manage this information and keep it up to date.
Liferay DXP can act as an OpenID consumer, allowing users to automatically register and sign in with their OpenID accounts. Internally, the product uses OpenID4Java to implement the feature.
OpenID at the System Scope
OpenID is enabled by default in Liferay DXP but can be disabled or enabled at either the system scope or portal instance scope. To configure the OpenID SSO module at the system level, navigate to the Control Panel and click on Configuration → System Settings. Then click on the Foundation category and search for OpenID in the list. There’s only a single configuration setting. Check the Enabled box to enable OpenID at the system scope (for all portal instances), uncheck it to disable it at the system scope.
OpenID at the Instance Scope
To configure the OpenID SSO module at the portal instance scope, navigate to the Control Panel and click on Configuration → Instance Settings, then on Authentication → OpenID. There’s only a single configuration setting. Check the Enabled box to enable OpenID for the current portal instance, or uncheck it to disable it for the current portal instance.
Regardless of whether OpenID is enabled at the System or Instance scope, users can see the OpenID icon when they sign into Liferay DXP. Click Sign In. The OpenID icon is displayed at the lower left.
Figure 1: The OpenID icon is at the bottom of the Sign In Portlet
Related Topics
Liferay DXP Security Overview Token-based Single Sign On Authentication CAS Single Sign On Authentication OpenAM Single Sign On Authentication