When an OpenID-enabled site passes authentication requests to a provider, it identifies itself with a realm URL. This URL may be considered a root of a trusted site. If the user trusts the realm URL, he or she should also trust matched and subsequent URLs.
By default, the realm URL is automatically set to the URL of the directory in which the login script resides. This default value is useful for most, but not all, cases. Sometimes an entire domain, and not a directory should be trusted. Or even a combination of several servers in one domain.
To override the default value, developers may pass the realm URL as a
third argument to the
Zend_OpenId_Consumer::login method. In
the following example, a single interaction asks for trusted access to
all php.net sites.
Example 626. Authentication Request for Specified Realm
$consumer = new Zend_OpenId_Consumer();
die("OpenID login failed.");
This example implements only the second step of authentication; the first and third steps are similar to the examples above.