openid4.me - an OpenID Server 4 FOAF secured by FOAF+SSL

openid4.me is an OpenID server which allows you to use your WebID to log in to any website that accepts OpenID.

Requirements

To use this server you need
If you don't have a FOAF+SSL secured WebID, you can get one at FOAF.me
On FOAF.me
For a fuller description of FOAF+SSL and more ways to secure your existing WebID with a FOAF+SSL client certificate please read through the "How To FOAF+SSL" article.

Using your WebID as an OpenID

If the site you are trying to log in to supports OpenID 2.0, type the following into the login box.
http://openid4.me
If the site you are trying to log in to only supports OpenID 1.x, you could type the following into the login box.
http://openid4.me/http://your_webid
	   
Note: your WebID must be URL-encoded, i.e. "#" must be encoded as "%23".

E.g. http://openid4.me/www.w3.org/People/Berners-Lee/card%23i
As part of the OpenID protocol, you will be redirected to an openid4.me webpage which will ask you to confirm that you "trust" the site you are about to log in to. If you press the "Login using my FOAF+SSL Client Certificate" button, your browser should ask you to select a FOAF+SSL Client Certificate. Behind the scenes, openid4.me will try to confirm that you do indeed control the WebID you are trying to use. If you are using the OpenID 2.0 login style (a.k.a. the ID Select feature), openid4.me will pass the WebID stored in the selected certificate back to the site you are logging in to. The OpenID protocol requires that the webpage URI returned to the site you are logging in to has a reference to openid4.me in the header; this is why your WebID is returned as 'http://openid4.me/http://your_webid'. openid4.me also tries to extract your nickname (foaf:nick), full name (foaf:name) and email address (foaf:mbox) from your WebID as part of the lightweight profile exchange provided by the SREG extension to OpenID.

ID Delegation

If you would rather have openid4.me perform the FOAF+SSL authentication for an OpenID URI (Identity Page) that you control, instead of relying on the Identity Page that openid4.me generates from the WebID in the presented client certificate, add the following to the HEAD section of the webpage (URI) you would like to enter at the OpenID login box.
<link rel="openid.server" href="http://openid4.me/index.php" />
<link rel="openid2.provider openid.server" href="http://openid4.me/index.php"/>
<link rel="meta" type="application/rdf+xml" title="FOAF" href="your_foaf_file"/>

Eg. <link rel="openid.server" href="http://openid4.me/index.php" />
    <link rel="openid2.provider openid.server" href="http://openid4.me/index.php"/>
    <link rel="meta" type="application/rdf+xml" title="FOAF" href="http://www.w3.org/People/Berners-Lee/card">

    Placing these links in the HEAD section of http://www.w3.org/People/Berners-Lee would allow
    this webpage to be used as an OpenID URI secured by the FOAF+SSL Client Certificate
    identified as being controlled by the foaf:agent http://www.w3.org/People/Berners-Lee/card#i.
The requirements listed above still hold: you need a WebID secured by a FOAF+SSL Certificate.
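
One way to check an Identity Page before relying on it for delegation, as an added example that is not part of openid4.me's own code: it keeps only the `<link>` elements inside HEAD and reports whether the OpenID 1.x and 2.0 links point at the openid4.me endpoint shown above, and whether a FOAF link is present. The names `HeadLinks`, `check_delegation` and `SAMPLE` are assumptions made for this example.

```python
from html.parser import HTMLParser

PROVIDER = "http://openid4.me/index.php"  # endpoint from the page's snippet

class HeadLinks(HTMLParser):
    """Collect the attributes of every <link> that sits inside <head>."""
    def __init__(self):
        super().__init__()
        self.in_head, self.links = False, []

    def handle_starttag(self, tag, attrs):
        if tag in ("head", "body"):        # <body> also ends HEAD if </head> is missing
            self.in_head = tag == "head"
        elif tag == "link" and self.in_head:
            self.links.append({k: v or "" for k, v in attrs})

    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def check_delegation(html):
    """Return which delegation links point at PROVIDER, the FOAF href, and problems."""
    parser = HeadLinks()
    parser.feed(html)
    found = {"openid.server": False, "openid2.provider": False}
    foaf, problems = None, []
    for link in parser.links:
        rels = link.get("rel", "").lower().split()   # rel holds space-separated tokens
        href = link.get("href", "")
        for rel in found:
            if rel in rels and href == PROVIDER:
                found[rel] = True
            elif rel in rels:
                problems.append(f"{rel} points to {href}, expected {PROVIDER}")
        if "meta" in rels and link.get("type", "").lower() == "application/rdf+xml":
            foaf = href
    problems += [f"no {rel} link to {PROVIDER} in HEAD" for rel, ok in found.items() if not ok]
    if not foaf:
        problems.append("no FOAF meta link in HEAD")
    return {**found, "foaf": foaf, "problems": problems}

# Constructed sample page wrapping the three links from the example above.
SAMPLE = """<html><head>
<link rel="openid.server" href="http://openid4.me/index.php" />
<link rel="openid2.provider openid.server" href="http://openid4.me/index.php"/>
<link rel="meta" type="application/rdf+xml" title="FOAF" href="http://www.w3.org/People/Berners-Lee/card">
</head><body></body></html>"""

if __name__ == "__main__":
    print(check_delegation(SAMPLE))
```

A link that names a different server, or that sits in the page body instead of HEAD, shows up in the `problems` list.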

Where can I try it out?

Why not try this service out by logging in to the FOAF Project Wiki, which has the MediaWiki OpenID Extension installed?
Type 'http://openid4.me' into the login box.
WARNING: This will create an account on the FOAF Project Wiki using your nickname as the account name.

or

Use it to leave a comment on "Danbri's Foaf Stories", which has the WordPress OpenID 2.0 Plugin installed.

Background

openid4.me is an open source project built by incorporating libAuthentication.php into the example OpenID server code provided with the JanRain PHP OpenID library.

The source code for openid4.me can be found on github.

If you are interested in understanding how this service works, please read through the "How It Works" article or feel free to post questions or feedback on the foaf.me Google group.
Enjoy!