OpenID is a web technology that gives the users the possibility to use one website for authentication on another web service. The OpenID Attribute Exchange makes registration processes simpler, as the user can automatically allow the website to get some information like the e-mail address, the gender and the full name.
The next step to an even simpler login process would be autodiscovery. This means there would be no need to do anything for logging in. You simply have to go to the website and be logged at your OpenID provider (e.g. Google). This is quite easily possible if the user was logged in before. You leave a cookie that gives you the information which OpenID he uses. So you simply don't let him logout. I don't know if it is a good idea to do so.
The registration process is much trickier. Due to the same origin policy, you can't read other cookies than those you have set. So you can't check if there is a cookie from Google, Facebook or Yahoo.
You could try if the user has a Google account, as Google uses a discovery URL (https://www.google.com/accounts/o8/id) instead of the usual OpenID (something like https://me.yahoo.com/martinthoma). So, by chance you will be able to let a user register without forcing him to interact in any way with your website. He has to allow your website to get his data at his OpenID provider, though.
Further reading
- Wikipedia:
- OpenID: an open standard that describes how users can be authenticated in a decentralized manner, eliminating the need for services to provide their own ad hoc systems and allowing users to consolidate their digital identities
- Yadis: a communications protocol for discovery of services such as OpenID, OAuth, and XDI connected to a Yadis ID
- OpenID Attribute Exchange 1.0: Specification
- Guide to Running a User Account System: by Eric Sachs of Google’s Identity team