I’ve spent the last three days trying to implement OpenID for The Conversations Network’s web sites. I’m familiar with the concepts and protocols, so I figured it wouldn’t take much effort. I guess that’s what I get for being so self-confident. I still don’t have a solution to the current snag. Maybe someone else knows a workaround or at least some search engine will find this so others can avoid the traps I’ve fallen into.
All our sites are built on PHP5. I develop on OS X, check my code into Subversion, then checkout onto our live servers running RHEL. I chose the OpenID Enabled library. It’s really the only choice as far as I know.
I don’t know whether it’s a bug, poor documentation, or just our peculiar architecture, but there was an incompatibility between OpenID Enabled and my code that took about 12 hours to find. (If the URL of your response receiver includes a query string, you’ll have some extra work to do.) I finally got past that, coded new pages for login, registration and managing multiple OpenIDs for a user, and checked it into svn. I installed the library on the RHEL server and updated the code there. Didn’t work.
It turns out that the OpenID Enabled library needs an XML parser, either domxml (which is no longer available) or the newer/better DOM, which comes with the PHP 5 core code. But we use yum, and the yummy version of PHP5 was built with the –disable-dom option. So no XML parser and hence no OpenID. Aargh!
Sysadmin Tim doesn’t want to mess with another PHP5 build, and after years of working with him — and sometimes ignoring his advice — I’ve learned he’s always right. Surely, replacing our PHP5 (or even rebuilding it) would likely break something else. So I’m stuck until I can either find another OpenID library that doesn’t require the DOM XML parser, or some replacement for that parser. Too bad. OpenID is sort of cool.
Update: Problem solved. Just ran “%yum install php-xml” and restarted Apache. We now have OpenId across all The Conversations Network’s web sites.