Java Spring Security with OpenId Provider

本秂侑毒 提交于 2019-12-12 13:54:25

问题


I have a spring MVC application.Another client application want access my spring app using open id connect. How to implement open id provider in server side.Please help.


回答1:


MITREid Connect OpenID-Connect-Java-Spring-Server is an OpenID Connect implementation on the Spring platform.

I'm afraid that Spring Security OAuth project won't be able to support OpenID Connect because it will require big changes in design. See Issue 619, for example.

In general, a typical OAuth 2.0 server implementation assumes that a value of response_type parameter contained in an authorization request is either code or token (although RFC 6749 mentions the possibility that the parameter may take multiple values at a time). However, OpenID Connect Core 1.0 and OAuth 2.0 Multiple Response Type Encoding Practices have invalidated the assumption explicitly. Now, response_type parameter can be any combination of code, token and id_token, or none. This has a big impact on existing OAuth 2.0 server implementations. Personally, as a matter of fact, I once discarded my OAuth 2.0 server implementation and rewrote it from scratch to support OpenID Connect.



来源:https://stackoverflow.com/questions/36977101/java-spring-security-with-openid-provider

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!