[mitreid-connect] Back channel access from RP to IDP with HTTP
Michael Furman
michael_furman at hotmail.com
Sat Sep 10 03:44:27 EDT 2016
Hi all,
I want to deploy the IDP and RP on the same server in production.
Therefore I want the RP to access the IDP endpoints via HTTP.
It means the front channel will be via HTTPS and the back channel via HTTP.
How is it possible?
I have configured the HTTPS issuer on the IDP site:
<property name="issuer" value="https://<...>/openid-connect-server-webapp/" />
I have configured the following on RP:
<bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService">
  <property name="servers">
    <map>
      <entry key="https://<...>/openid-connect-server-webapp/">
        <bean class="org.mitre.openid.connect.config.ServerConfiguration">
          <property name="issuer" value="https://<...>/openid-connect-server-webapp/" />
          <property name="authorizationEndpointUri" value="http://<...>:8088/openid-connect-server-webapp/authorize" />
          <property name="tokenEndpointUri" value="http://<...>:8088/openid-connect-server-webapp/token" />
          <property name="userInfoUri" value="http://<...>:8088/openid-connect-server-webapp/userinfo" />
          <property name="jwksUri" value="http://<...>:8088/openid-connect-server-webapp/jwk" />
        </bean>
      </entry>
    </map>
  </property>
</bean>
Somehow the RP switches to using HTTPS:
WARN : org.mitre.openid.connect.client.service.impl.WebfingerIssuerService - Returning normalized input string as issuer, hoping for the best: https://<...>/openid-connect-server-webapp/
WARN : org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService - Couldn't load configuration for https://<...>/openid-connect-server-webapp/:
Thank you in advance for your help.
Best regards,
Michael