[mitreid-connect] Token Introspection example usage

Justin Richer jricher at MIT.EDU
Tue May 27 18:36:55 EDT 2014


No, there isn’t one at this time, but that’s not a bad idea to have something like that in the future. 

In the absence of that, you just need to set up an OAuth 2 resource server from Spring Security OAuth. You can find examples within that project — the bean creates a filter that you then add to your “http” block. Then wire in the “token services” of that filter bean with a copy of the “IntrospectingTokenServices” class, configured to talk to your authorization server. This will effectively act as a stand-in for the usual database-backed token services. From that point, it’s pretty much just using Spring Security and Spring Security OAuth like normal.

The documentation on the wiki page really should have the most comprehensive information:

https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Token-Introspecting-Client-Config

 — Justin

On May 27, 2014, at 6:27 PM, Duc Nguyen <nguyen.d.duc at gmail.com> wrote:

> Hello, is there an example (similar to simple-web-app) of how to use Token Introspection? I've read the source & documentation and been at this the last couple of days so any help would be greatly appreciated. Thanks, -Duc
> _______________________________________________
> mitreid-connect mailing list
> mitreid-connect at mit.edu
> http://mailman.mit.edu/mailman/listinfo/mitreid-connect

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20140527/cec406ac/attachment.bin


More information about the mitreid-connect mailing list