Java Spring Security和OpenId Provider [英] Java Spring Security with OpenId Provider

问题描述

我有一个spring MVC应用程序，另一个客户端应用程序想使用open id connect访问我的spring应用程序.如何在服务器端实现开放ID提供程序.请帮忙.

I have a spring MVC application.Another client application want access my spring app using open id connect. How to implement open id provider in server side.Please help.

推荐答案

MITREid Connect

MITREid Connect OpenID-Connect-Java-Spring-Server is an OpenID Connect implementation on the Spring platform.

恐怕 Spring Security OAuth 项目将无法支持OpenID Connect，因为它将需要对设计进行重大更改.例如，请参见问题619 .

通常，典型的OAuth 2.0服务器实现假定授权请求中包含的response_type参数的值是code或token(尽管RFC 6749提到了该参数可能采用多个值的可能性).一次).但是， OpenID Connect Core 1.0 和 OAuth 2.0多响应类型编码实践 已明确使该假设无效.现在，response_type参数可以是code，token和id_token或none的任意组合.这对现有的OAuth 2.0服务器实施有很大影响.就我个人而言，事实上，我曾经丢弃过我的OAuth 2.0服务器实现，并从头重写了它以支持OpenID Connect.

In general, a typical OAuth 2.0 server implementation assumes that a value of response_type parameter contained in an authorization request is either code or token (although RFC 6749 mentions the possibility that the parameter may take multiple values at a time). However, OpenID Connect Core 1.0 and OAuth 2.0 Multiple Response Type Encoding Practices have invalidated the assumption explicitly. Now, response_type parameter can be any combination of code, token and id_token, or none. This has a big impact on existing OAuth 2.0 server implementations. Personally, as a matter of fact, I once discarded my OAuth 2.0 server implementation and rewrote it from scratch to support OpenID Connect.

这篇关于Java Spring Security和OpenId Provider的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！