[mitreid-connect] How to use the OpenID-connect-server

Martin Kuba makub at ics.muni.cz
Thu Jan 25 04:58:38 EST 2018 

Dear Kevin,

it depends on what you mean by a "service". If you mean a Client or a Resource Server,
you can choose from the certified implementations listed at http://openid.net/developers/certified/
I have a very positive experience with "Apache mod_auth_openidc" for server-side Client and Resource Server,
and with oidc-client-js for a browser-based Client.

If you mean a customized OpenID Provider, then the documentation at
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Build-instructions#data-connection
is correct, you can just build an unmodified OP with in-memory database and two testing users and use it.

You can then customize it in three steps:

* modify src/main/webapp/WEB-INF/user-context.xml to define your own AuthenticationProvider and UserInfoRepository
* set AuthenticationProvider in one of two ways:
** implement your own AuthenticationProvider that somehow authenticates a user
** or use org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider
    and implement your own AuthenticationFilter and AuthenticationUserDetailsService which extract
    info from preauthenticated request and return a user id
* implement your own UserInfoRepository to supply user data for a given user id

You can see the example project at https://github.com/mitreid-connect/ldap-openid-connect-server
to see how it can be done for a LDAP server.

Best regards

Martin

Dne 25.1.2018 v 08:20 sheldon74 at qq.com napsal(a):
> *Dear mitreid-connect:*
> *Hello,it's nice to communicate here.*
> *    I want to know how to build a service for OpenID connect server.Although it is explained by th Github document,it is still not successful.And I need to know how to use it.*
> *I'm sorry to disturb you, but I just want to use it.
> *
> *
> *
> 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CERIT-SC                               Martin Kuba
Institute of Computer Science    email: makub at ics.muni.cz
Masaryk University             http://www.ics.muni.cz/~makub/
Botanicka 68a, 60200 Brno, CZ     mobil: +420-603-533775
--------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3735 bytes
Desc: Elektronicky podpis S/MIME
Url : http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20180125/4e618487/attachment.bin

More information about the mitreid-connect mailing list