If you're new here, you may want to subscribe to the RSS feed. Thanks for visiting!

Update: A lot of the information below is irrelevant due to the release of WP-OpenID: a complete, working plugin for OpenID comments on WordPress.

OpenID is a “decentralized identity system”, which is like a single login that you control. You authenticate to a server which you trust, and then decide which details that trusted authority passes onto the site you’re trying to access.

The OpenID website recently relaunched with a WordPress powered blog, which (of course) accepts OpenID logins for commenting.

If you’d like to add OpenID comments to your WordPress site, then I’ve outlined a couple of your choices below. Be aware that I’ve only tested these plugins with WordPress 2.3 on PHP 5, so your results may vary!

WP-OpenID+ 1.0.1

If you search Google for “wordpress openid” you’ll find many abandoned projects such as WordPress OpenID Plugin and OpenID For WordPress. Avoid these, as they’re way out of date.

WP-OpenID+ 1.0.1 is available from the official WordPress plugin repository and does work, although it requires more effort than your usual WordPress plugin.

The code appears to be a later version of Will Norris’ plugin which is in turn a “fork” or Alan Castonguay’s abandoned plugin. However, the supplied zip file is incomplete and this is what you must do to get it working:

  1. Download and extract the zip file. You should have a directory called “openid”.

  2. Within this directory, edit the file “openid-registration.php” with your favourite text editor and find lines 12-13, which should look like this:

    define ( 'OPENIDIMAGE', get_option('siteurl') . '/wp-content/plugins/wpopenid/images/openid.gif' );

    define ( 'WPOPENID_PLUGIN_VERSION', 1.0.1 );

    You need to change “wpopenid” in the path to “openid” so that the image references within the plugin work. Then wrap the 1.0.1 is quotes (like this: “1.0.1″) to prevent PHP falling over about the unquoted string.

  3. This OpenID plugin relies on the PHP OpenID Library which, despite what the README claims, has not been included. You’ll need to download the latest release from the 1.x.x branch (not 2.x).

  4. Extract the PHP OpenID Library files, and then copy the “Auth” and “Services” directories into your “openid” directory from Step 1.

  5. Now you can upload this directory to your webserver and install it as normal.

  6. If everything works then edit “openid-registration.php” one last time and find line 20:

    define ( 'WORDPRESSOPENIDREGISTRATION_DEBUG', true );

    Change “true” to “false” to switch off the verbose debug messages.

Well, that was a total faff! Be aware that, even once you’ve made the above modifications, the plugin may still have issues! When I installed the plugin here on rotacoo.com the settings were always reverting to the defaults, which was annoying.

If you’re also having issues with this version, or couldn’t be bothered with all the effort, then you might consider the alternative method…

WordPress OpenID

Will Norris has continued development of his “WordPress OpenID” plugin (formerly known as “WordPress OpenID Plugin+“, and the basis of “WP-OpenID+” mentioned above) and is aiming to release it as “version 2.0″ sometime in October.

If you’re feeling a little crazy, and just can’t wait until the plugin is officially released, you can grab the latest code from the subversion repository1. The repository code is quite stable, and is used on the official OpenID site.

Everything that is required is included in the package, so there’s no need to change any files before uploading to your webserver. Just make sure you checkout the trunk into a directory called “openid” (not “wpopenid”).

Is there some GMP in your PHP?

When you’ve successfully installed one of the above plugins you will find an “OpenID” page on your WordPress options panel. This should have a status output that lists various configuration and debugging information for your particular install.

Make sure you check the output for whether or not you have GMP support complied into your copy of PHP. Although the plugin lists the lack of GMP support as a warning, it should almost be a fatal error – as commenting on the blog via OpenID takes a painfully long time without GMP support.

GMP is the “GNU Multi-Precision Library”, which is used by the OpenID scripts for arbitrary precision arithmetic (calculations on potentially huge numbers) within the cryptography.

Unfortunately most webhosts do not provide PHP with GMP support, and without it these calculations take a very long time.

If your site is hosted by Dreamhost then you’ll need to recompile your own PHP (which can be a very involved process) and then vote for GMP to be included by default.

Here at Rotacoo we run our sites on a Slicehost VPS running the latest Ubuntu release, but even that doesn’t have PHP-GMP by default (or available via apt). Instead, we had to recompile PHP, and nobody enjoys re-compiling things.

Conclusions

OpenID support in WordPress is messy at the moment but it is possible, and will hopefully be a little easier once “WordPress OpenID 2.0″ is released.

Let’s also hope that the plugin’s name sticks and doesn’t get any more confused with extra plusses, hyphens, abbreviations, etc.

Popular bloggers who aren’t comfortable re-compiling PHP are likely to have issues with the lack of GMP support in PHP installs. This will hopefully get better over time, as either webhosts include GMP in the PHP installs by default, or somebody finds a quicker way to do the calculations without it.

Google Sightseeing will be accepting OpenID comments soon, once we’ve finalised a few other changes.


  1. If you’re new to subversion the instructions on getting wordpress via subversion can be easily adapted to use the plugin’s repository. 

11 Responses to “How-to set up OpenID for WordPress comments”

  1. Oliver Jackson Says:

    oooo, does this work?

  2. Alex Turnbull Says:

    well, you logged in to post that comment, didn’t you! ;)

  3. Mr. Gunn Says:

    The people at Dreamhost told me to not even bother voting for addition of GMP. They like to keep their binaries lean and they’re not going to add it.

    You can always run in dumb mode.

    One thing, and I don’t know if this is the plug-in or something else, that’s annoying is that if your openID submission fails for whatever reason, you have to retype your comment. All the form info is blanked.

  4. Loki Says:

    I found that I had to install php-domxml for the plugin to work.

  5. Loki Says:

    hm… my blog delegates openid, but I don’t show up as being openid authenticated.

  6. Paul Says:

    Testing delegate

  7. Jürgen R. Plasser Says:

    Well, I need to test that in my WordPress blogs.

  8. Nicholas C Johnson Says:

    Testing this out…

  9. Nicholas C Johnson Says:

    It would be nice to be able to have the commenter’s name link to their own site instead of their OpenID authority. Perhaps 2 fields? (one for personal site and one for openid url)

  10. John Whelan Says:

    Very nice, looking forward to better support for OpenID in wordpress.

  11. Kanok Chantrasmi Says:

    Too bad, OpenID doesn’t work on my blog