| I recently had to choose a way to authenticate users for a prototype web app I was building. My first choice was OpenId, because the promise behind it is awesome (1 login everywhere) and I wanted to avoid depending on FB. First annoying thing about OpenId is that most providers make an awesome job of hiding their entry point, or the exact URL that is each user ID. Except for Google, I had to extract URLs from various authentication pages (StackOverflow has a nice one) and plug-ins (http://jvance.com/pages/JQueryOpenIDPlugin.xhtml among others). Second annoying thing about OpenId is consistency. Some providers provide a distinct URL for each user, and some have a unique URL for every users. This makes your auth form an UX nightmare where users have to paste their URL instead of just clicking a button. Add to this the fact that each providers has it's own understanding of the spec, which leads to some weird implementations of the protocol (once again except for Google's). That and the not-so-occasional errors from several providers (these raw "Error 500 - contact our administrator" we all love). At this point, I had spent almost 20% of the time I had to make the whole prototype, trying to figure how openId could fit in. So I changed my mind and switched to FB Connect...which can be integrated in about 20 minutes. I'm no FB fan, really. But I have to admit it just works... |