mod_auth_openid

Release Notes: This release adds support for HTML form submission (POSTs) per the 2.0 spec, adds a cookie path option, and is now using a more secure (more random) nonce.

Release Notes: The ability to specify an external program for authorization. No longer clears attribute exchange parameters; see the Wiki page for attribute exchange. A fix for a bug involving custom auth cookie names. A fix for a bug that left openid params in the referrer param after a custom login page redirect. A fix for a bug that resulted in the referrer param not having HTTP/S set correctly. A fix for a bug that resulted in an auth error when too many requests were hitting Session DB. A fix for a bug that set REMOTE_USER to normalized id rather than claimed id.

Release Notes: This release adds support for the OpenID 2.0 spec (support for the 1.1 spec is still maintained). Support for BDB has been removed; this release supports SQLite only.

Release Notes: A 302 Redirect issue was fixed. AuthOpenIDEnabled is now allowed in .htaccess files. Links on the default login page were fixed.

Release Notes: The openid.ax and openid.sreg parameters are no longer cleansed from URLs. An AuthOpenIDServerName configuration option has been added. The dependency on libpcre++ has been removed (libpcre is still required). A modauthopenid.referrer parameter has been added that is passed on to login pages. The code has been updated to work with the libopkele version 3 API.