OpenID plus a bit of security

[Anonymous]

Hi,

I would like give to my users the ability to login by openID services like Google.
When the user is logged in then he will able to do some call in a custom web service.

The question is how can the webservice know if the user is logged in?

Tnx

 

[Anonymous]

What does google have to say about their service?

 

[Anonymous]

Execuse me?

 

[Anonymous]

How does the google service work to check when someone is logged on?

 

[Anonymous]

I do not know how google does, indeed I'm not interest how they do I need to understand how can I do with a custom webservice

 

[Anonymous]

If something already exists, then it's a good idea to either use it or at least learn what you can from it - especially where security is concerned since there maybe some things that you either don't know about or haven't thought about.

 

[Anonymous]

gotcha good point. But I wrote here to have a hint like "use this library for your webservice and this for your client side on javascript"
if possible