[mitreid-connect] mitreid connect student project
Justin Richer
jricher at mit.edu
Mon May 29 08:41:18 EDT 2017

It's not quite as simple as a redirect. You need to have an OpenID
Connect *client* on your other machine. OpenID Connect (OIDC) is a
protocol, and there are a few steps that you need to do to make it work.
In a nutshell:

* Starting at your other machine, redirect over to the OIDC server.
* User logs into the OIDC server
* User is redirected back to your machine with an authorization code
* Your machine sends the authorization code back to the OIDC server
  (using a direct HTTP call, no redirects)
* OIDC server sends you a bunch of tokens, which you validate

And now you're logged in. I've elided a few of the details but if you
want, you can download chapter 13 of my book (for free) here:

https://www.manning.com/books/oauth-2-in-action

It goes into much greater detail. I of course recommend the rest of the
book too, but I'm biased. :)

Good news is that just about any platform and language has a capable
OIDC client written for it these days. There's a pretty popular one
called mod_auth_openidc that you can use to set up Apache-protected
websites, and you might want to look into that. The MITreid project has
a client library as well, designed for applications written in Java
using Spring Security.

-- Justin

On 5/29/2017 6:35 AM, Melanie Planer wrote:
> Hey guys,
>
> Me and my team (four computer science students) are working on a
> project for university.
>
> We want to configure OpenID Connect and have successfully built the
> project on a virtual machine.
>
> On a second virtual machine, that is connected to the OpenID Server
> machine via network, we have an Apache Webserver with a simple website.
>
> When we open our Apache website on this second machine we will be
> redirected to the test website from the Mitreid OpenID Project
> (located on the first machine), where we are able to login with the
> test user (user, password).
>
> Our next goal would be to be redirected to our custom website / our
> Apache Webserver on the second machine after a successful login.
>
> We are total beginners with HTML, XML and the topic itself so even
> after spending a few days looking for a solution we could not find one.
>
> We would be very grateful if someone could give us a description or a
> hint where we can implement this redirection.
>
> Thanks in advance!
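
The five steps listed in the reply above, sketched as the checks an OIDC client makes at each one. This is an added example, not code from the post or from MITREid Connect; the hosts, client ID, secret and function names are hypothetical. It assumes the client is registered for HS256-signed ID tokens (keyed with the client secret) so the standard library suffices; RS256 tokens would be verified against the server's published keys with a JWT library.

```python
import base64, hashlib, hmac, json, secrets, time
from urllib.parse import urlencode

# Constructed values for illustration: hypothetical hosts, client and secret.
ISSUER = "https://oidc.example.test/"
AUTHZ_ENDPOINT = ISSUER + "authorize"
CLIENT_ID, CLIENT_SECRET = "demo-client", b"constructed-demo-secret"
REDIRECT_URI = "https://app.example.test/callback"

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def start_login(session):
    """Step 1: redirect URL for the OIDC server; state and nonce are tied to the session."""
    session["state"], session["nonce"] = secrets.token_urlsafe(16), secrets.token_urlsafe(16)
    return AUTHZ_ENDPOINT + "?" + urlencode({
        "response_type": "code", "scope": "openid", "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI, "state": session["state"], "nonce": session["nonce"]})

def code_from_callback(session, params):
    """Step 3: take the authorization code only if state matches what this session sent."""
    expected = session.pop("state", None)
    if not expected or params.get("state") != expected:
        raise ValueError("state mismatch")
    return params["code"]

def token_request(code):
    """Step 4: form body for the direct (back-channel) POST to the token endpoint."""
    return {"grant_type": "authorization_code", "code": code, "redirect_uri": REDIRECT_URI}

def validate_id_token(session, id_token, now=None):
    """Step 5: check signature, issuer, audience, expiry and nonce; return the subject."""
    head, body, sig = id_token.split(".")
    if json.loads(b64d(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    mac = hmac.new(CLIENT_SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))
    aud = claims.get("aud")
    if claims.get("iss") != ISSUER or CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong issuer or audience")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    expected = session.pop("nonce", None)
    if not expected or claims.get("nonce") != expected:
        raise ValueError("nonce mismatch")
    return claims["sub"]
```

The session is only marked as logged in after `validate_id_token` returns; a callback that fails any check is rejected without issuing a session.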