I implemented one service that performs the operation required to authenticate an OpenID login using the openid4java library.
Application flow are some as below
- JSP page to get OpenID from user
- JSP Page Surf Servers
- The openfile parameter for the servlet interacts with the service to obtain the required information to redirect the user to the actual OpenID provider for authentication.
- The return url provided by the OpenID provider is another servlet.
- this servlet retrieves the information required from the response sent by the public identifier provider and then interacts with the service to verify that the user has been authenticated by the public identifier provider.
- If the user is authenticated, the servlet redirects the user to the home page.
If you understand my approach to implementation, please write my following requests, please let me know that I will make more efforts to make it understandable.
Requests I use the JBoss 5 application server. In the above code, I simply get information if the user is authenticated or not, but I will need to tell jboss how this should allow the user to access limited resources, that is, browse the web.
, org.jboss.security.auth.spi.UsernamePasswordLoginModule ( ). , , OpenID. .
, , , DiscoveryInformation. , , .
, , http://www.theserverside.com/news/1364125/Using-OpenID
,