[mitreid-connect] MitreID openid server - prevent unauthorized user access to a valid client
Justin Richer
jricher at mit.edu
Wed Mar 27 12:06:18 EDT 2019
Off the top of my head, the best place would be to wire in a custom subclass of TofuUserApprovalHandler.
— Justin
On Mar 27, 2019, at 9:41 AM, shreyas sajjan <shreyas.sajjan at gmail.com<mailto:shreyas.sajjan at gmail.com>> wrote:
Hi MitreId Team,
We are using MitreID 1.3 Open ID Server and I'm looking for a way where I prevent user access to some of the clients where the user is not authorized.
I have a service which can ascertain if the user access is authorized for a particular client. I'm looking for a place where I can apply this service, something like blocking the "/authorize" request from client if it comes with the current signed in user.
Can you help me with any pointers in this regard?
Thank you,
Shreyas
_______________________________________________
mitreid-connect mailing list
mitreid-connect at mit.edu<mailto:mitreid-connect at mit.edu>
http://mailman.mit.edu/mailman/listinfo/mitreid-connect
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20190327/1d630dc1/attachment.html
More information about the mitreid-connect
mailing list