The best way to reroute a client if you are on an Apache server is to set up a mod_rewrite in a .htaccess file. Without going into all the boring details, I’ll jump straight to the good stuff.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

That’s right, just three simple lines. The first tells Apache that we are doing a mod_rewrite, or redirecting URLs that match the following pattern. The second line checks if the client is connecting over an unsecured connection. If they are, then the third line redirects them through a SSL connection.

The real power in this is how general it is. Since everything is done using global variables, you can use it on any domain you want without having to change a thing. Simply place it in the folder you want and it will reroute all traffic there through SSL. This works no matter what port your SSL connection is using. If you want the entire site to be secure, just place it in your root folder.

.htaccess files only work on Apache servers. If your site is not hosted using an Apache server, this won’t help you much.

Pretty slick stuff. Too bad I can’t take any credit for it. Here is where I first came across it. Redirect To SSL Using Apache’s .htaccess

If you’d like to learn more, here are some great tutorials on .htaccess.

Rather than directly hacking into WordPress to get the latest blog entries, I’m using the lastRSS PHP class to pull the feed data in from Feedburner, reformat it and put it on the page. It is a little round-about, but removes the need to code up specific hacks into my blog back end which runs separately from the rest of the site. This way if I ever change my blog engine, I won’t have to recode up the main page. Another point for web standards!

I used lastRSS because it was the first functional PHP class that I came across late last night. It works great, but doesn’t support Atom feeds. Looking around today I came across SimplePie and I think I’ll have to try it out. The documentation alone makes it look promising.

I give up on phpMyID

After not being able to log into countless sites, I decided to call it quits with phpMyID. While it is a very easy program to setup, it doesn’t work with half the OpenId enabled sites out there. I don’t care how simple your program is, if it doesn’t work I don’t want to use it. I waited a few months to see if the bug would get fixed, but nothing has changed since January. Sorry phpMyID, things just didn’t work out, you are now dead.

A much easier way to OpenId

After looking around at the other OpenId libraries available, I came to the conclusion that I’d have to find a completely different solution. All of the libraries were either out-dated, too immature, or too bloated for my taste. Then I found out about OpenId delegates and all my problems were solved.

Basically a delegate is a third party OpenId server that you use to authenticate yourself on your site. Setting it up on your site requires two very simple steps. First, create an account on an OpenId authentication site. I used claimID, but there are lots of sites out there, some you may already have an account on. The next step is to add the following chunk of code to the header of your website. Obviously you’ll need to change the values to match your account, but hopefully you get the idea.

<link rel="openid.server" href="http://openid.claimid.com/server" />
<link rel="openid.delegate" href="http://openid.claimid.com/mattc" />

It is dead simple and saves you the hassle of having to set up and maintain a server on your site. Also, if for any reason you want or need to switch to a different third party authenticator, all you have to do is change the href value in the above html. All of the benefits of OpenId without any of the hassle.

I’m loving OpenId more and more everyday!

What is OpenID?

OpenID is an open, decentralized, free framework for user-centric digital identity.
http://openid.net/

OpenID provides a way to log in to any site that supports it using a single identity. Instead of creating endless usernames and passwords, all you need is your OpenID. Better yet, any server can run it!

So this weekend I decided to set up my own OpenID provider on orangesplotch.com. I used phpMyID because of its simplicity and tiny overhead. Other libraries I found either didn’t support the latest OpenID standards, or were nightmarishly complex beasts.

My OpenID Experience

phpMyID is dead easy to setup and install. I had it up and running in a matter of minutes.

Logging in to supported sites was a different matter. Some sites worked great. Others returned strange errors and there were some that didn’t do anything at all.

Apparently there is still some debates as to the proper implementation of the OpenID protocol. phpMyID states it is following the standards. However, depending on the software a site is using, some validated my OpenID and some didn’t. That’s annoying!

Someday soon

OpenID is gaining popularity quickly, but it is still a ways from mainstream adoption. A few major players are entering the arena, such as AOL and Microsoft. I think this is a step in the right direction for everyone and I’m excited to see it moving forward.

If you want to try it out and your server is running php, phpMyID is a really easy way to start. Be aware, though, that the framework is still pretty new and not everyone agrees on how it should work. Has anyone else tried it out?

The next step for orangesplotch.com is to allow you to login to the site using OpenID. I’ve seen a few WordPress plugins that I’m eager to try out. Any suggestions?