Yes, nonce verification is required; if it fails, the whole
authentication will fail.
First thing to check is that the time on the machine where your RP runs
is correct / synchronized. If that is ok, then enabling debug logs will
show more about the cause of the failure.
> I'm curious because I've yet to get attribute exchange
> working with either of the OPs and want to be sure that this (the
> failing nonce verification) isn't something that could stop that from
> working. Thanks,
I see that Yahoo advertises SREG in their discovery information.
Google supports AX, and the only attribute provided seems to be the
email address:
http://code.google.com/apis/accounts/docs/OpenID.html#attribute
Johnny
I am having the same problem.johnny is right.The time on the machine later one minute.Thanks johnny.Help me a lot.