Code review comment for lp:~salgado/launchpad/bug-530738

Guilherme Salgado (salgado) wrote :

We're currently passing the application URL as the realm when starting
an OpenID authentication. That means when you log in on, say,
bugs.lp.net, the provider will be told that the realm is bugs.lp.net,
but that's not really true as the authentication is valid for all of
launchpad.net. That is also how the spec says the realm should be used:

  A realm is designed to give the end user an indication of the scope
  of the authentication request.
  (http://openid.net/specs/openid-authentication-2_0.html#realms)

This branch fixes that by always using the mainsite's root URL as the
realm (aka trust root).
