Difference between revisions of "OC5:Apache mod auth openidc"
(Added Apache mod_oidc) |
(→Apache mod_oidc) |
||
| Line 4: | Line 4: | ||
|name = Apache mod_oidc | |name = Apache mod_oidc | ||
|identifier = modoidc | |identifier = modoidc | ||
| − | |summary = | + | |summary = mod_oidc is an Apache authentication/authorization module that allows an Apache server to operate as an OpenID Connect Relying Party. |
| + | |||
| + | It requires users to authenticate at an external OpenID Connect Identity Provider using the OpenID Connect Basic Client profile. | ||
| + | |||
| + | It sets the REMOTE_USER variable to the id_token sub claim, other id_token claims are passed in HTTP headers, together with those (optionally) obtained from the user info endpoint | ||
| + | |||
| + | It allows for authorization rules (based on Requires primitive) that can do matching against the set of claims provided in the id_token/userinfo. | ||
| + | |||
| + | It supports multiple OpenID Connect Providers by reading provider metadata files from a metadata directory. | ||
| + | |||
| + | It supports OpenID Connect Dynamic Client Registration and OpenID Provider Discovery through account names. | ||
|homepage = | |homepage = | ||
| − | |instructions = Run "make install" from the top level directory to leverage the Apache "apxs" tool to compile and install the module in your Apache environment. | + | |instructions = Checkout the code from: https://code.google.com/p/pingfederate/source/checkout |
| − | + | ||
| + | Run "make install" from the top level directory to leverage the Apache "apxs" tool to compile and install the module in your Apache environment. | ||
| + | |||
| + | Configure it following the README at: https://code.google.com/p/pingfederate/source/browse/trunk/mod_oidc/README | ||
| + | |latestversion = https://code.google.com/p/pingfederate/source/browse/trunk/mod_oidc/ChangeLog | ||
|latestreleasedate = | |latestreleasedate = | ||
|solutionowner = Hans Zandbelt | |solutionowner = Hans Zandbelt | ||
Revision as of 07:22, 16 January 2014
{{#vardefine:DtArticleSortKey|}}
Apache mod_oidc
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Apache mod auth openidc}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Apache mod_oidc|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=OC5 Solution,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=OC5 Solution,title={{#var:page}},namespace=OC5|as XML]] edit |
| {{#if:|OC5 Solution |OC5 Solution }} | Apache mod_oidc |
| Identifier | bgcolor={{{color}}}}}|modoidc |
| Description | bgcolor={{{color}}}}}|mod_oidc is an Apache authentication/authorization module that allows an Apache server to operate as an OpenID Connect Relying Party.
It requires users to authenticate at an external OpenID Connect Identity Provider using the OpenID Connect Basic Client profile. It sets the REMOTE_USER variable to the id_token sub claim, other id_token claims are passed in HTTP headers, together with those (optionally) obtained from the user info endpoint It allows for authorization rules (based on Requires primitive) that can do matching against the set of claims provided in the id_token/userinfo. It supports multiple OpenID Connect Providers by reading provider metadata files from a metadata directory. It supports OpenID Connect Dynamic Client Registration and OpenID Provider Discovery through account names. |
| Product Page | bgcolor={{{color}}}}}| |
| Project or solution logo (if different than Participant logo) | bgcolor={{{color}}}}}| |
| Latest Version | bgcolor={{{color}}}}}|https://code.google.com/p/pingfederate/source/browse/trunk/mod_oidc/ChangeLog |
| Latest Release Date | bgcolor={{{color}}}}}| |
| Installation/Operation Instructions | bgcolor={{{color}}}}}|Checkout the code from: https://code.google.com/p/pingfederate/source/checkout
Run "make install" from the top level directory to leverage the Apache "apxs" tool to compile and install the module in your Apache environment. Configure it following the README at: https://code.google.com/p/pingfederate/source/browse/trunk/mod_oidc/README |
| Operated by | bgcolor={{{color}}}}}|Hans Zandbelt |
| Interop Roles | bgcolor={{{color}}}}}|RP {{ #if: https://code.google.com/p/pingfederate/source/browse/#svn%2Ftrunk%2Fmod_oidc |: https://code.google.com/p/pingfederate/source/browse/#svn%2Ftrunk%2Fmod_oidc |}} |
| bgcolor={{{color}}}}}|{{ #if: |: |}} | |
| bgcolor={{{color}}}}}|{{ #if: |: |}} | |
| bgcolor={{{color}}}}}|{{ #if: |: |}} |
Click here for help populating this chart.
{{ #if: RP | {{#vardefine:DtArticleSortKey|}}
OC5 RP FeatureTest List
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|Apache mod auth openidc}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Apache mod_oidc|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=RP_FeatureTest_List,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=RP_FeatureTest_List,title={{#var:page}},namespace=OC5|as XML]] edit |
|
}}
{{ #if: | {{#vardefine:DtArticleSortKey|}}
OC5 FeatureTest List
Template:OC5 FeatureTest List | }}
{{ #if: | {{#vardefine:DtArticleSortKey|}}
OC5 FeatureTest List
Template:OC5 FeatureTest List | }}
{{ #if: |
{{#vardefine:DtArticleSortKey|}}
OC5 Feature Test List
Template:OC5 Feature Test List | }} {{ #if: RP | | }} {{ #if: | | }} {{ #if: | | }} {{ #if: | | }}
