[
https://wso2.org/jira/browse/IDENTITY-212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=24655#action_24655
]
Prabath Siriwardena commented on IDENTITY-212:
----------------------------------------------
This is a deployment option.
> IS should redirect http openidURL to https
> ------------------------------------------
>
> Key: IDENTITY-212
> URL: https://wso2.org/jira/browse/IDENTITY-212
> Project: WSO2 Identity Solution
> Issue Type: Improvement
> Components: identity-provider
> Reporter: Harm Verhagen
>
> In case OpenIDUserUrl is set to an https address, wso2 IS, should
> redirect all access to the http version of the same openid to the https
> address.
> This is recommened behavior in the openid sepecification [1]
> In case OpenIDUserUrl is the to an http address, wso2 IS should do no
> redirection.
> [1] http://openid.net/specs/openid-authentication-2_0.html#http_s_identifiers
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Identity-dev mailing list
[email protected]
https://wso2.org/cgi-bin/mailman/listinfo/identity-dev
