Peter Mularien (Migrated from SEC-1288) said:
The default form field for OpenID identifier, as indicated in section 7.1 of the OpenID 2.0 spec, should be "openid_identifier". This should be the default in the Spring Sec OpenIDAuthenticationFilter, since it's unlikely that users would realistically use the default - j_username - in a typical login scenario. At the very least, this should be configurable when using the convenience element in the security namespace, without requiring the user to declare their own filter. The "openid_identifier" field is identified automatically in OpenID-enabled user agents, such as Flock or Firefox with the Verisign SeatBelt plugin.
Luke Taylor said:
Seems like a good idea, since this is recommended in the 2.0 spec. I've changed the default.