Mod auth openidc

From TMM Wiki
Revision as of 20:05, 1 August 2018 by Boris (talk | contribs)
Jump to navigationJump to search

Apache module mod_auth_openidc allows you to authenticate members using NATS as the OpenID Connect server


Installing mod_auth_openidc

Please ask your host to install the mod_auth_openidc apache module on your member area server(s) if not already installed. Here is a link to their releases. It would be best if they can use one of the install packages. If not, they can compile it from source. NATS OpenID Connect server supports mod_auth_openidc starting from version 2.2.0.


Example Virtual Host Settings

Here is an example extract from an apache virtual host for a members area 

<Files openid_return.php>
  AuthType openid-connect
  Require valid-user
</Files>

OIDCProviderMetadataURL http://bob.whiskey.toomuchmedia.com/.well-known/member-openid-configuration
OIDCClientID 1,3,99
OIDCClientSecret clientSecret
OIDCScope openid
OIDCRedirectURI http://openidclient.com/openid_return.php
OIDCCryptoPassphrase cryptoPass
OIDCSSLValidateServer Off
OIDCSessionInactivityTimeout 30
OIDCSessionMaxDuration 0
OIDCRemoteUserClaim username
OIDCUserInfoRefreshInterval 0
OIDCUserInfoSignedResponseAlg RS256
OIDCTokenBindingPolicy disabled
Retrieved from "https://tmmwiki.com/index.php?title=Mod_auth_openidc&oldid=23900"