[
https://issues.apache.org/jira/browse/SYNCOPE-1270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16534817#comment-16534817
]
ASF subversion and git services commented on SYNCOPE-1270:
----------------------------------------------------------
Commit ad4126a98342368bd23650904b5c89800a3c5d45 in syncope's branch
refs/heads/2_0_X from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=ad4126a ]
[SYNCOPE-1270] Stronger check
> OpenID Connect client feature
> -----------------------------
>
> Key: SYNCOPE-1270
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1270
> Project: Syncope
> Issue Type: New Feature
> Components: extensions
> Reporter: Dima Ayash
> Assignee: Francesco Chicchiriccò
> Priority: Major
> Fix For: 2.0.9, 2.1.0
>
>
> This feature implements an SSO access to the Enduser UI and Admin Console by
> using [OpenID Connect 1.0|http://openid.net/connect/] which is a simple
> identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify
> the identity of the End-User based on the authentication performed by an
> Authorization Server, as well as to obtain basic profile information about
> the End-User in an interoperable and REST-like manner.
> The flow for this feature will be possibly as follow (using Google as an
> example of OpenID Connect Provider):
> # From Enduser or Admin login UI, the user can choose to be authenticated
> using Google account.
> # Check if the user has a valid session, otherwise prompts the user to login
> by redirecting him to the Google Login UI.
> # After the user login successfully to his Google account, grant him an
> access to Enduser UI or Admin console.
> This will be achieved by following the OpenId Connect required flow,
> leveraging possibly from CXF features.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
