this info seems 3 years old and outdated… the sources for community-id were not findable on „owncloud“.

sry that i can not give you complete informations.

if you have a link to the sources please comment 😉

Run your own identity server

Page historylast edited by Ole Kristian Ek Hornnes 3 years ago Saved with comment

Running your own identity server allows you to act as an OpenID Provider. You could run one just for yourself, for a community of users or, if you wish, for the general public. You do not need to register or obtain permission from anyone; you just need to run an OpenID identity server on your site. This requires the ability to install and run some software on your web server. Some existing OpenID identity server implementations are listed below.
  • PHP
    • Community-ID – Community-ID is an OpenID implementation in PHP which is OpenID 2.0 compliant. Community-ID is build to 100% on Open Source software and is release under the BSD license. Users can keep track of their trusted sites and manage them. For Community-ID administrators statistics are available to track registration of new users, authorized users per day or the number of trusted sites. Administrators can set the site in maintenance mode or send emails to all registered users. For user data and authentication, admin can choose the default db storage, or to connect to an LDAP server
    • Prairie – a lightweight OpenID based Internet identity server which includes a simple profile webpage (Internet identity), can be installed as a single user or a service to host many separate users, contact form, DH-SHA1 & DH-SHA256 support, OpenID 1.1 & OpenID 2.0 compliant, themed „skins“ which can be easily downloaded and added & it’s multi-lingual. Note that development has been reopened and that a new version is available at github: prairie-openid2-server.
    • phpMyID – a standalone, single user identity provider.
    • PHP OpenID Server.
    • Clamshell – standalone, multi-user OpenID server.
    • NetMesh InfoGrid LID PHP – supports OpenID as well as the LID protocol suite.
    • SimpleID – A standalone provider, supporting multiple identities. Active development (May 2008).
  • Ruby
    • Heraldry PIP – Ruby on Rails identity server incubating within the Apache Software Foundation – Project retired (2007-06-09).
    • Masquerade – Ruby on Rails OpenID server released under the MIT-license
    • local-openid – Single-User Ephemeral OpenID server implemented with Sinatra released under the AGPLv3
  • Python
  • Perl
    • Packetizer OpenID Server is a complete OpenID Provider server that you can freely download and install to operate your own identity provider.  It is compliant with OpenID 2.0 and written entirely in Perl.  It uses MySQL to store user, association, and signature information.
  • .NET
    • DotNetOpenId – library to add OpenId provider support to your web site or just give yourself an identity page on your web site that redirects to another provider. ASP.NET controls are also offered for ASP.NET web sites.
  • Java
    • NetMesh InfoGrid LID Java – supports OpenID as well as the LID protocol suite
    • Atlassian’s Crowd, Java based identity management server that is free for open-source projects. Supports LDAP (eg Active Directory, OpenLDAP, etc) and integrates with non-OpenID enabled applications such as Apache, Subversion, and Google Apps.
    • WSO2 Identity Solution, WSO2 Identity Solution is a set of Relying Party components and an Identity Provider to enable CardSpace and OpenID authentication.
    • JOS(Java OpenID Server), JOS(Java OpenID Server) is a multi-domain, multi-user OpenID Provider based on OpenID4JavaSpring FrameworkHibernateVelocity.
    • OpenASelect Server, OpenASelect is a Java based IdP server that supports OpenID 2.0, SAML 2.0 and more (federated) authentication protocols for professional deployments. OpenASelect is available under the terms of the GNU Affero GPLV3 license.
  • Unknown / other
    • OpenLink Data Spaces (ODS) – a new generation Data Space platform for Semantic Web Presence that includes support for OpenID.
    • Gracie, a local-account provider that authenticates users against the local PAM system.
    • OpenLink Data Spaces, a platform for meshing Identity and Web Data such that all your data (Facebook,, Flickr, RSS, Atom, OPML, and others data sources) is pegged to your OpenID via a Linked Data URI without any programming. In a nutshell you end up with an OpenID based Linked Data Space for all of you current and future Web protocols accessible data.


How to install the Community-Id „OpenId“ server on Linux

Charles Roth, 14 Jan 2010       (Techblog top)

I. Introduction
OpenId is a sort of mass single-signon project that is widespread, open-source, convenient, and relatively safe.  It involves using a (or setting up your own) OpenId server, that users login to.  Once there, their browser gets a cookie that OpenId-compliant applications can use to detect a valid login has already occurred, and take users straight into the application w/o further authentication.

Community-Id is a (relatively) easy to use and install OpenId server, for folks who want to „roll their own“.  General installation instructions are  This guide extends and assists with those instructions.

I. Download
The current stable version is 1.2.1.  Download it from

Note that it requires PHP 5.2.4.

II. Create a userid to own the community-id site.

  1. Create a separate userid, e.g. „comid„, to own the installation, with it’s own home directory (e.g. /home/comid).
  2. chmod 711 /home/comid
  3. In that id, unpack the downloaded file (e.g. tar xvfz cid.1.2.1.tar.gz), which creates the communityid directory
  4. As root in the comid home directory, do chown -R comid:apache communityid.  (Assumes that your Apache web server runs as useridapache.)

III. Define a DNS Name
Select a DNS name for your OpenId server, e.g.

This guide assumes that you want to use the simplest OpenId form for your userids.  E.g. if my OpenId server is „“, then user „roth“ is just „“.  This is great for your users, but it requires that the domain name is only useable for OpenId, i.e. you can’t have any other service (like under that domain.

To make this work properly, you must define the DNS resolution for to redirect to  In the linux named server, for instance, your DNS definition would most likely contain:

   *                   IN CNAME

IV. Prepare Apache
Create a virtual host file for that name, e.g. /etc/httpd/conf/vhosts/, containing:

   ServerAlias *
   DocumentRoot /home/comid/communityid/webdir

   <Directory /home/comid/communityid>
      Options FollowSymLinks
      AllowOverride All

and restart Apache.

V. Prepare MySQL database
Create a MySQL database for OpenId, e.g.

   mysql -u root -p
   create database comid;
   grant all on comid.* to comid@localhost identified by 'newPassword';

VI. Finish Installation
Point a browser at  Fill in the database name, database password, the expected support email address, and an admin userid and password.  (The userid/pw is not an OpenId itself, just a way to administer the OpenId server.)

This automatically creates a file config.php in the communityid directory.  Edit this file (you may have to do it as root, since it is now owned by ‚apache‘), and change the definitions:

   $config['subdomain']['enabled']             = true;
   $config['subdomain']['hostname']            = '';
   $config['subdomain']['use_www']             = false;

Remove write permissions from this same file, e.g.

   cd /home/comid/communityid
   chmod 440 config.php

VII. Test
Point your browser at, and create an OpenId „account“.  You should end up with your own personal URL (aka OpenId) of  You can use this OpenId at thousands of participating OpenId-enabled websites, such as… (to be filled in soon).

VIII. Using OpenId in a web application
(This text is still under development)

  1. yum install httpd-devel.i386
  2. yum install libtidy.i386
  3. yum install libtidy-devel.i386
        make install