1.3 Lightweight OpenID server

Crowd 2.8 introduces a new lightweight UI-free OpenID server, in addition to the existing OpenID server that ships with Crowd.

It uses persistent identifiers unaffected by renaming, and can be accessed at /openidserver/v2/op. It is automatically installed when you install Crowd, and no database setup is necessary.

The OpenID server is a Crowd-connected application which authenticates against the directories configured in Crowd. If a user has already logged into any other Crowd-connected application (and single sign-on is enabled), they will not be prompted for any further login once they have entered their OpenID URL at an OpenID-enabled website.

You can deploy multiple OpenID servers against a single Crowd instance, which may be useful in larger deployments.

Configuration

The Lightweight OpenID server has no admin UI. You control the server using its approval whitelist configuration file. By default, the whitelist is empty so no authentication will succeed until you add URLs.

For communication with Crowd, see the crowd.properties file located by default in crowd-openidserver-webapp/WEB-INF/classes. You may also set the system property crowd.openid.home to point to another directory holding this configuration file.

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport