Richard,
Many people implement their own servers and tie it closely to their
protected resource API. There are a number of general purpose
authorization servers and libraries out there, though, including an open
source one written in Java that I maintain:
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/
It's based on Spring and Spring Security, and it also includes OpenID
Connect support. Additionally, it implements JWT bearer tokens,
revocation, introspection, dynamic registration, and it has an admin
interface.
-- Justin
On 7/17/2014 4:47 AM, Richard Snowden wrote:
Hi there,
after viewing some tutorials and running some samples code I
understood the client side of OAuth 2.0.
Using existing Authorization Server seems to be not too complicated.
Question is: How to implement my own Authorization Server?
Since many companies have their own User/Privilege system, LDAP based
(e.g. Active Directory), etc. - they must have their own Authorization
Server.
Is there a framework, libraries, etc. for that? Or do I have to write
the code from scratch?
cheers,
Richard
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
