I am using Spring Security in our application

My requirement intially was to allow a user to login to our application using open id.
I was able to do so referring to online tutorials on using open id in Spring sercurity.

eg:

Code:
...
<http auto-config="false">
    	...
    	<openid-login authentication-failure-url="/FailurePage.jsp" default-target-url="/SuccessPage.jsp" user-service-ref="openIdUserService"/>
    	...
</http>
...
<beans:bean id="openIdAuthenticationProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
	...
</beans:bean>
<beans:bean id="openIdUserService" class="com.capgent.cpt.server.services.auth.OpenIDUserDetailsService">
	...
</beans:bean>
...
and a class as:
Code:
public class OpenIDUserDetailsService implements UserDetailsService
{
    public UserDetails loadUserByUsername(String openIdUrl) throws UsernameNotFoundException, DataAccessException
    {
        //Validate the openid from our database here ...
    }
}
I now have a requirement to allow an existing user to "attach" his open id to our application.
meaning that a user that is logged in, will add his open id into the system so that next time he can login using that open id.

So, given that i know the open id url eg: https://www.google.com/accounts/o8/id
How do I prompt user to login to the third party such as google and then return to our app and extract the open id url?

Will roles help me here ?