[mitreid-connect] Back channel access from RP to IDP with HTTP
Justin Richer
jricher at mit.edu
Sat Sep 10 08:40:24 EDT 2016
This isn't possible in our codebase.
-- Justin
On 9/10/2016 3:44 AM, Michael Furman wrote:
> Hi all,
> I want to deploy IDP and RP on the same server in the production.
> Therefore I want RP will access to IDP endpoints via HTTP.
> It mean the front channel will be via HTTPS and back channel with HTTP.
> How it is possible?
>
> I have configured the HTTPS issuer on the IDP site:
>
>
> /<property name="issuer"
> value="https://<...>/openid-connect-server-webapp/" />/
>
>
> I have configured the following on RP:
>
>
> /<bean
> class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService">/
>
> /<property name="servers">/
>
> /<map>/
>
> /<entry key="https://<...>/openid-connect-server-webapp/">/
>
> /<bean class="org.mitre.openid.connect.config.ServerConfiguration">/
>
> /<property name="issuer"
> value="https://<...>/openid-connect-server-webapp/" />/
>
> /<property
> name="authorizationEndpointUri"value="http://<...>:8088/openid-connect-server-webapp/authorize"
> />/
>
> /<property
> name="tokenEndpointUri"value="http://<...>:8088/openid-connect-server-webapp/token"
> />/
>
> /<property name="userInfoUri"
> value="http://<...>:8088/openid-connect-server-webapp/userinfo" />/
>
> /<property name="jwksUri"
> value="http://<...>:8088/openid-connect-server-webapp/jwk" />/
>
> /</bean>/
>
> /</entry>/
>
> /</map>/
>
> /</property>/
>
> /</bean>/
>
> Somehow the RPswitch to use HTTPS:
>
>
> /WARN :
> org.mitre.openid.connect.client.service.impl.WebfingerIssuerService -
> Returning normalized input string as issuer, hoping for the best:
> https://<...>/openid-connect-server-webapp//
>
> /WARN :
> org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService
> - Couldn't load configuration for
> https://<...>/openid-connect-server-webapp/: /
>
>
> Thank you in advance for your help.
>
> Best regards,
>
> Michael
>
>
>
>
> _______________________________________________
> mitreid-connect mailing list
> mitreid-connect at mit.edu
> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20160910/40c7f4d4/attachment.html
More information about the mitreid-connect
mailing list