diff --git a/openid_provider.inc b/openid_provider.inc
index 064bc54..dd953ad 100644
--- a/openid_provider.inc
+++ b/openid_provider.inc
@@ -89,15 +89,25 @@ function openid_provider_association_error() {
 function openid_provider_authentication_response($request) {
 global $user;
+ // Determine the realm (openid.trust_root in 1.x)
+ $realm = (empty($request['openid.realm'])) ? $request['openid.trust_root'] : $request['openid.realm'];
+
+ $whitelist = explode("\r\n", variable_get('openid_provider_whitelist', ""));
+ $blacklist = explode("\r\n", variable_get('openid_provider_blacklist', ""));
+
+ // If realm on blacklist, or whitelist_only, cancel the login request.
+ if (in_array($realm, $blacklist) or (!in_array($realm, $whitelist) and variable_get('openid_provider_whitelist_only', FALSE))) {
+ if (!empty($_POST))
+ unset($_POST);
+ drupal_goto($request['openid.return_to']);
+ }
+
 // If the user is not yet logged in, redirect to the login page before continuing.
 if (!$user->uid) {
 $_SESSION['openid_provider']['request'] = $request;
 drupal_goto('user/login', 'destination=openid/provider/continue');
 }
- // Determine the realm (openid.trust_root in 1.x)
- $realm = (empty($request['openid.realm'])) ? $request['openid.trust_root'] : $request['openid.realm'];
-
 // Check for a directed identity request.
 if ($request['openid.identity'] == 'http://specs.openid.net/auth/2.0/identifier_select') {
 $identity = openid_provider_url(openid_provider_user_path($user->uid));
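Review bot: The whitelist and blacklist are split only on `"\r\n"` and the entries are never trimmed, so a list saved with `"\n"` line endings or trailing spaces collapses into entries that match nothing — the blacklist then silently stops denying, and whitelist_only denies every realm. Split on any line ending and normalise before matching, e.g. `$whitelist = array_filter(array_map('trim', preg_split('/\R/', variable_get('openid_provider_whitelist', ''))));` and the same for `$blacklist`. Matching is also an exact string comparison of the realm, so `http://www.example.com` and `http://www.example.com/` are different entries, and nothing in this hunk verifies that `openid.return_to` lies within the realm that was just accepted (OpenID 2.0 §9.2); if that check is not done elsewhere in the function, the lists gate a value that is independent of where the assertion is actually delivered. The cancel path redirects to return_to with no `openid.mode=cancel` parameters, so the RP gets a bare redirect rather than a negative assertion, and `unset($_POST)` before the redirect appears to have no effect on `drupal_goto`. The body of openid_provider_authentication_response continues outside the hunk.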
@@ -157,7 +167,8 @@ function openid_provider_authentication_response($request) {
 $response = array_merge($response, module_invoke_all('openid_provider', 'response', $response, $request));
 $rp = _openid_provider_rp_load($user->uid, $realm);
- if ($rp->auto_release) {
+ $sites_auto_release = variable_get('openid_provider_sites_auto_release', 'none');
+ if ($rp->auto_release or ($sites_auto_release == 'all') or (in_array($realm, $whitelist) and ($sites_auto_release == 'whitelist'))) {
 $response = _openid_provider_sign($response);
 _openid_provider_rp_save($user->uid, $realm, TRUE);
 _openid_provider_debug('automatic response authentication success using 1.0 redirect to %url (response dump:
%response
)', array('%url' => $request['openid.return_to'], '%response' => var_export($response, TRUE)));
diff --git a/openid_provider.module b/openid_provider.module
index 8fe42ec..fc1b6c8 100644
--- a/openid_provider.module
+++ b/openid_provider.module
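Review bot: The widened condition still reaches `_openid_provider_rp_save($user->uid, $realm, TRUE);` on the context line below it, so a site-wide 'all' or 'whitelist' policy is written into the per-user, per-RP auto_release flag; if an administrator later sets the option back to 'none', every realm released in the meantime stays auto-released for those users. Persist only the user's own decision, e.g. `_openid_provider_rp_save($user->uid, $realm, (bool) $rp->auto_release);` — if `_openid_provider_rp_save` also records other state for the RP, keep the call but pass the existing value rather than TRUE. `$whitelist` is the array built earlier in this function from the raw textarea, so this branch inherits the same exact-string, `"\r\n"`-only matching, and a comment here such as `// Site-wide policy: 'all' releases to any realm, 'whitelist' only to listed realms.` would make the three-way condition readable. The function's closing brace is outside the hunk.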
@@ -185,6 +185,41 @@ function openid_provider_admin_settings() {
 '#description' => t('This will enable debugging of this module to the watchdog.'),
 '#default_value' => variable_get('openid_provider_debugging', false),
 );
+ $form['sitelist'] = array(
+ '#type' => 'fieldset',
+ '#title' => t('Sites management'),
+ '#collapsible' => TRUE,
+ '#collapsed' => FALSE,
+ );
+ $form['sitelist']['openid_provider_sites_auto_release'] = array(
+ '#type' => 'radios',
+ '#title' => t('Automatically login without confirmation page.'),
+ '#options' => array(
+ 'all' => 'Anonymous sites',
+ 'whitelist' => 'Whitelist only',
+ 'none' => 'Always ask',
+ ),
+ '#default_value' => variable_get('openid_provider_sites_auto_release', 'none'),
+ );
+ $form['sitelist']['openid_provider_whitelist_only'] = array(
+ '#type' => 'checkbox',
+ '#title' => t('Disable anonymous sites'),
+ '#default_value' => variable_get('openid_provider_whitelist_only', FALSE),
+ '#description' => t('Only allow sites on the whitelist to login using the OpenID provider.'),
+ );
+ $form['sitelist']['openid_provider_whitelist'] = array(
+ '#type' => 'textarea',
+ '#title' => t('Whitelist'),
+ '#default_value' => variable_get('openid_provider_whitelist', ""),
+ '#description' => t('Sites on this list can be logged in through the OpenID provider. Enter one site per line with the full URL e.g. http://www.example.com/.'),
+ );
+ $form['sitelist']['openid_provider_blacklist'] = array(
+ '#type' => 'textarea',
+ '#title' => t('Blacklist'),
+ '#default_value' => variable_get('openid_provider_blacklist', ""),
+ '#description' => t('Sites on this list will be completely forbidden to login through the OpenID provider. Duplicated sites on whitelist will be considered blacklisted.'),
+ );
+
 return system_settings_form($form);
 }
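Review bot: The three radio labels `'Anonymous sites'`, `'Whitelist only'` and `'Always ask'` are the only user-visible strings in the new fieldset not wrapped in `t()`, unlike every #title and #description around them; wrap them, e.g. `'all' => t('All sites'),`. The label for `'all'` also understates what it does — in openid_provider.inc that value releases the assertion to every realm, listed or not, without the confirmation page — so a plainer name plus a #description saying exactly that lets an administrator weigh the option before enabling it. The whitelist and blacklist descriptions should state that entries are compared as exact strings against openid.realm (openid.trust_root for 1.x), scheme and trailing slash included, because the example `http://www.example.com/` will not match a realm of `http://www.example.com`; an #element_validate callback that rejects lines which are not absolute URLs would catch most typos at save time. openid_provider_admin_settings starts outside the hunk.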