Using OpenID Connect to authenticate a person in Java - PowerPoint PPT Presentation

Description:

The OpenID Connect protocol offers Java developers a way to authenticate a person at any Internet domain that supports the standard. To accomplish this, the domain must provide a way to register clients: the website and mobile applications that use the authentication API offered by the domain.

Number of Views:261
Slides: 4
Provided by: gluu


Transcript and Presenter's Notes



1
Using OpenID Connect to authenticate a person in Java
  • The OpenID Connect protocol
    (http://openid.net/connect) offers Java
    developers a way to authenticate a person at
    any Internet domain that supports the standard.
    To accomplish this, the domain must provide a way
    to register clients: the website and mobile
    applications that use the authentication API
    offered by the domain.
  • Discovery
  • Discovery is the first step! Luckily, it's
    super-easy! All you have to do is make a GET
    request to
    https://domain/.well-known/openid-configuration

2
  • This will return a JSON object, as described in
    the specification. For example, you can see
    Gluu's OpenID Connect discovery URL.
  • This will tell you everything you need to know
    about this OpenID Connect provider, such as the
    endpoints (URLs), which crypto is supported,
    and which user claims you can ask for.
  • An example of a Discovery Request, using the
    oxAuth RP library.
  • Client Registration
  • In SAML, the website was called a "Service
    Provider." In OpenID Connect, the website (or
    mobile application) is called a "Client." Clients
    can be registered manually by the OP, but more
    frequently, clients use the Dynamic Registration
    API to automate the process.
  • Obtaining the id_token
  • After your client is registered, it is time to
    get down to business. OpenID Connect offers two
    common workflows for authentication: basic (where
    the person is using a browser, and can be
    redirected) and implicit (where the client sends
    the credentials, including the secret). There is a
    useful implementer's guide for basic and implicit
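
The Discovery step above, as an added Java example (not from the original presentation and not the oxAuth RP library): it builds the discovery URL for an issuer and checks the returned document before the client trusts it, requiring that `issuer` match exactly and that the endpoints use https. The issuer `https://op.example.org`, the sample document and the class and method names are assumptions made up for illustration.

```java
import java.net.URI;
import java.util.*;
import java.util.regex.*;

public class DiscoveryCheck {
    // Constructed sample response (not a real provider); jwks_uri is deliberately http.
    static final String SAMPLE = """
        {"issuer":"https://op.example.org",
         "authorization_endpoint":"https://op.example.org/authorize",
         "token_endpoint":"https://op.example.org/token",
         "jwks_uri":"http://op.example.org/jwks"}
        """;

    // Discovery URL for an issuer: <issuer>/.well-known/openid-configuration
    static URI discoveryUrl(String issuer) {
        return URI.create(issuer.replaceAll("/+$", "") + "/.well-known/openid-configuration");
    }

    // Minimal extraction of a string member; a real client should use a JSON parser.
    static Optional<String> field(String json, String name) {
        Matcher m = Pattern.compile("\"" + Pattern.quote(name) + "\"\\s*:\\s*\"([^\"]*)\"")
                           .matcher(json);
        return m.find() ? Optional.of(m.group(1)) : Optional.empty();
    }

    // Returns the list of problems; an empty list means the document is acceptable.
    static List<String> validate(String expectedIssuer, String json) {
        List<String> problems = new ArrayList<>();
        String issuer = field(json, "issuer").orElse("");
        // The issuer in the document must be identical to the one used to build the URL.
        if (!issuer.equals(expectedIssuer))
            problems.add("issuer mismatch: got '" + issuer + "'");
        for (String key : List.of("authorization_endpoint", "token_endpoint", "jwks_uri")) {
            Optional<String> v = field(json, key);
            if (v.isEmpty()) {
                // token_endpoint may be absent when a provider offers only the implicit flow.
                if (!key.equals("token_endpoint")) problems.add(key + " missing");
            } else if (!"https".equalsIgnoreCase(URI.create(v.get()).getScheme())) {
                problems.add(key + " is not https: " + v.get());
            }
        }
        return problems;
    }

    public static void main(String[] args) {
        String issuer = "https://op.example.org";
        System.out.println("GET " + discoveryUrl(issuer));
        List<String> problems = validate(issuer, SAMPLE);
        System.out.println(problems.isEmpty() ? "discovery document accepted"
                                              : "rejected: " + problems);
    }
}
```

The text block syntax needs Java 15 or later. In a real client the document would come from an HTTPS GET to the URL that `discoveryUrl` returns, and the validated `issuer` is the value later compared with the `iss` claim of the id_token.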

3
  • Logout
  • OpenID Connect defines a mechanism for
    Session Management. The idea is that JavaScript
    in a web tab can detect that another tab has
    logged out. On detection of a logout event, the
    Web application can clean up sessions in any
    backend systems as necessary. It's not 100%
    effective. If the tab is closed when the logout
    occurs in another tab, the event may not be
    detected, and the backend systems are advised to
    time out sessions.
  • Article Source -
    http://gluu.soup.io/post/488920294/Using-OpenID-Connect-to-authenticate-a-person