[
https://issues.apache.org/jira/browse/SYNCOPE-1270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dima Ayash updated SYNCOPE-1270:
Description:
This feature implements an SSO access to the Enduser UI and Admin Console by
using [OpenID Connect 1.0|http://openid.net/connect/] which is a simple
identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify
the identity of the End-User based on the authentication performed by an
Authorization Server, as well as to obtain basic profile information about the
End-User in an interoperable and REST-like manner.
The flow for this feature will be possibly as follow (using Google as an
example of OpenID Connect Provider):
# From Enduser or Admin login UI, the user can choose to be authenticated using
Google account.
# Check if the user has a valid session, otherwise prompts the user to login
by redirecting him to the Google Login UI.
# After the user login successfully to his Google account, grant him an access
to Enduser UI or Admin console.
This will be achieved by following the OpenId Connect required flow, leveraging
possibly from CXF features.
> OpenID Connect client feature
> -
>
> Key: SYNCOPE-1270
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1270
> Project: Syncope
> Issue Type: New Feature
> Components: extensions
>Reporter: Dima Ayash
>Priority: Major
> Fix For: 2.0.8, 2.1.0
>
>
> This feature implements an SSO access to the Enduser UI and Admin Console by
> using [OpenID Connect 1.0|http://openid.net/connect/] which is a simple
> identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify
> the identity of the End-User based on the authentication performed by an
> Authorization Server, as well as to obtain basic profile information about
> the End-User in an interoperable and REST-like manner.
> The flow for this feature will be possibly as follow (using Google as an
> example of OpenID Connect Provider):
> # From Enduser or Admin login UI, the user can choose to be authenticated
> using Google account.
> # Check if the user has a valid session, otherwise prompts the user to login
> by redirecting him to the Google Login UI.
> # After the user login successfully to his Google account, grant him an
> access to Enduser UI or Admin console.
> This will be achieved by following the OpenId Connect required flow,
> leveraging possibly from CXF features.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)