<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>It's not quite as simple as a redirect. You need to have an
OpenID Connect *client* on your other machine. OpenID Connect
(OIDC) is a protocol, and there are a few steps that you need to
do to make it work. In a nutshell:</p>
<p><br>
</p>
<ul>
<li>Starting at your other machine, redirect over to the OIDC
server.</li>
<li>User logs into the OIDC server</li>
<li>User is redirected back to your machine with an authorization
code</li>
<li>Your machine sends the authorization code back to the OIDC
server (using a direct HTTP call, no redirects)</li>
<li>OIDC server sends you a bunch of tokens, which you validate<br>
</li>
</ul>
<p>And now you're logged in. I've elided a few of the details but if
you want, you can download chapter 13 of my book (for free) here:</p>
<p><br>
</p>
<p><a class="moz-txt-link-freetext" href="https://www.manning.com/books/oauth-2-in-action">https://www.manning.com/books/oauth-2-in-action</a></p>
<p><br>
</p>
<p>It goes into much greater detail. I of course recommend the rest
of the book too, but I'm biased. :)<br>
</p>
<p><br>
</p>
<p>Good news is that just about any platform and language has a
capable OIDC client written for it these days. There's a pretty
popular one called mod_auth_openidc that you can use to set up
Apache-protected websites, and you might want to look into that.
The MITreid project has a client library as well, designed for
applications written in Java using Spring Security.</p>
<p><br>
</p>
<p> -- Justin<br>
</p>
<br>
<div class="moz-cite-prefix">On 5/29/2017 6:35 AM, Melanie Planer
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:1496054154076.61148@st.oth-regensburg.de">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style type="text/css" style="display:none"><!-- p { margin-top: 0px; margin-bottom: 0px; }--></style>
<p>Hey guys,<br>
</p>
<p><br>
</p>
<p>me and my team (four computer science students) are working on
a project for university.<br>
</p>
<p><br>
</p>
<p>We want to configure OpenID Connect and have succesfully built
the project on a virtual machine.<br>
</p>
<p><br>
</p>
<p>On a second virtual machine, that is connected to the OpenID
Server machine via network, we have an Apache Webserver with a
simple website.<br>
</p>
<p><br>
</p>
<p>When we open our Apache website on this second machine we will
be redirected to the test website from the Mitreid OpenID
Project (located on the first machine), where we are able to
login with the test user (user, password).<br>
</p>
<p><br>
</p>
<p>Our next goal would be to be redirected to our custom website /
our Apache Webserver on the second machine after a succesful
login.</p>
<p><br>
</p>
<p>We are total beginners with html, xml and the topic itself so
even after spending a few days looking for a solution we could
not find one.<br>
</p>
<p><br>
</p>
<p>We would be very grateful if someone could give us a
description or a hint where we can implement this redirection. <br>
</p>
<p><br>
</p>
<p>Thanks in advance!<br>
</p>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
mitreid-connect mailing list
<a class="moz-txt-link-abbreviated" href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a>
<a class="moz-txt-link-freetext" href="http://mailman.mit.edu/mailman/listinfo/mitreid-connect">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</a>
</pre>
</blockquote>
<br>
</body>
</html>