<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p></p>
<div>
<p class="MsoNormal">Hi all,</p>
<p class="MsoNormal">I want to extend mitreid-connect IDP and to support additional authentication schemas, like Basic Authentication (or Kerberos).</p>
<p class="MsoNormal">I read the following document:</p>
<pre><a id="LPlnk829346" href="https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Server-configuration">https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Server-configuration</a></pre>
<br>
<p class="MsoNormal">In the current version we have RestAPI clients that accesses our application with Basic Authentication.<br style="mso-special-character:line-break">
<br style="mso-special-character:line-break">
</p>
<p class="MsoNormal">I just want to ensure the following flow will work when we will start to use OpenID-Connect.<br style="mso-special-character:line-break">
<br style="mso-special-character:line-break">
</p>
<p class="MsoListParagraphCxSpFirst" style="text-indent:-.25in;mso-list:l0 level1 lfo1">
<span style="mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin"><span style="mso-list:Ignore">1)<span style="font:7.0pt "Times New Roman"">
</span></span></span><span dir="LTR"></span>A RestAPI client accesses RP (our application) with the Basic Authentication header</p>
<p class="MsoListParagraphCxSpMiddle" style="text-indent:-.25in;mso-list:l0 level1 lfo1">
<span style="mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin"><span style="mso-list:Ignore">2)<span style="font:7.0pt "Times New Roman"">
</span></span></span><span dir="LTR"></span>RP redirects the request to mitreid-connect IDP using OpenID-Connect protocol</p>
<p class="MsoListParagraphCxSpMiddle" style="text-indent:-.25in;mso-list:l0 level1 lfo1">
<span style="mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin"><span style="mso-list:Ignore">3)<span style="font:7.0pt "Times New Roman"">
</span></span></span><span dir="LTR"></span>The modified mitreid-connect IDP authenticates the request using the Basic Authentication header.</p>
<p class="MsoListParagraphCxSpMiddle" style="text-indent:-.25in;mso-list:l0 level1 lfo1">
<span style="mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin"><span style="mso-list:Ignore">4)<span style="font:7.0pt "Times New Roman"">
</span></span></span><span dir="LTR"></span>mitreid-connect IDP redirects request back using OpenID-Connect protocol</p>
<p class="MsoListParagraphCxSpLast" style="text-indent:-.25in;mso-list:l0 level1 lfo1">
<span style="mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin"><span style="mso-list:Ignore">5)<span style="font:7.0pt "Times New Roman"">
</span></span></span><span dir="LTR"></span>RP (our application) authenticates the request using OpenID-Connect protocol</p>
<p class="MsoNormal">Also, I hope the same flow will work for other authentication schemas (e.g. Kerberos).</p>
<p class="MsoNormal">Thank you in advance for your help.</p>
<p class="MsoNormal">Best regards,</p>
<p class="MsoNormal"><span style="mso-spacerun:yes"> </span>Michael</p>
</div>
<br>
<p></p>
</div>
</body>
</html>