By: Serkan Yıldırım user 11 Sep 2015 at 7:57 a.m. CDT

4 Responses
Serkan Yıldırım gravatar
Hi, I installed latest gluu-server to my centos. I want to register an openid connect client. But i did not understand the meaning of "Redirect Login URIs" and "Redirect Logout URIs". They are not explained in the docs (http://www.gluu.org/docs/admin-guide/openid-connect/#client-registration). Actually in docs, that part is remained old i think. Because in the docs, screenshot shows "Redirect URIs", but my gluu-server shows the URIs that i mentioned. - Are "Redirect Login URIs" and "Redirect Logout URIs" used for IDP? - Does "Redirect Login URIs" show the custom authentication page for IDP? - Does "Redirect Logout URIs" show the custom logout URL for IDP? - How can i integrate a custom authentication page, which contains an applet, to the gluu-server? I appreicate any help, thanks...

By Mohib Zico staff 16 Sep 2015 at 5:51 a.m. CDT

Mohib Zico gravatar
>> - Are "Redirect Login URIs" and "Redirect Logout URIs" used for IDP? >> - Does "Redirect Login URIs" show the custom authentication page for IDP? >> - Does "Redirect Logout URIs" show the custom logout URL for IDP? `Redirect Login URI` and 'Redirect LogoutURI`: all are RP's url. Gluu Server's OpenID Connect client need to know how to talk to RP and in which link. Same goes for logout endpoints. >> - How can i integrate a custom authentication page, which contains an applet, to the gluu-server? Can't understand your searching, can you please add more info on this? What kind of app and what do you mean by 'custom authentication page'?

By Serkan Yıldırım user 16 Sep 2015 at 8:10 a.m. CDT

Serkan Yıldırım gravatar
Hi, > Can't understand your searching, can you please add more info on this? What kind of app and what do you mean by 'custom authentication page'? I want to authenticate end user by using a smart-card. I have an authentication page which has an applet is running. Applet gets some information from smart-card and sends the information to IDP. If we apply to this basic flow in openidconnect, use-case is like below: 1. End user opens RP's web site. 2. End user clicks "Login with Smart-Card" button. 3. RP redirects the user to the OP's authentication page. 4. Authentication page loads applet. 5. End user enter a PIN. 6. Applet does sth with smart-card and read some information from smart-card. 7. Applet send this information to the OP server. 8. OP read request attributes and perform authentication. 9. OP redirect the end user to the RP's page. 10. RP verify id token and login the end user. So, for the item 3, how can i tell gluu that "you must use this web page with applet as authentication page"? For item 8, i think i can handle it by writing a custom authentication script, can't i? Or do we have to update the source code of Gluu to include an authentication web page with applet jar and compile and re-deploy the Gluu? Thanks

By Mohib Zico staff 28 Sep 2015 at 2:33 a.m. CDT

Mohib Zico gravatar
I think it's better to have a call to discuss the whole issue. It will be easier to talk than discussing and understanding everything in ticket. Please feel free to book your call here in: http://www.gluu.org/booking/

By William Lowe user 15 Oct 2015 at 3:10 p.m. CDT

William Lowe gravatar
Serkan, Mike mentioned that you are going to schedule a call for next week. I'm going to close this ticket. Feel free to open a new ticket if needed.