Authentication/OpenIDConsumer: Difference between revisions
No edit summary |
m (sync w/8.7) |
||
Line 16: | Line 16: | ||
<pre> | <pre> | ||
- Create "openidconsumer" directory under /opt/zimbra/lib/ext | - Create "openidconsumer" directory under /opt/zimbra/lib/ext | ||
Line 24: | Line 22: | ||
- Copy "openid4java-0. | - Copy "openid4java-1.0.0.jar" to /opt/zimbra/jetty/common/lib directory | ||
Line 42: | Line 40: | ||
- | - zmmailboxdctl restart | ||
Line 65: | Line 63: | ||
<zimbra_host_base_url>/service/extension/openid/consumer?openid_identifier=<user-supplied-identifier> | <zimbra_host_base_url>/service/extension/openid/consumer?openid_identifier=<user-supplied-identifier> | ||
</pre> | |||
{{Article Footer|Zimbra Collaboration 8.0, 7.0|04/16/2014}} | {{Article Footer|Zimbra Collaboration 8.0, 7.0|04/16/2014}} |
Latest revision as of 20:47, 8 February 2016
OpenID Consumer Readme
- This article is a Work in Progress, and may be unfinished or missing sections.
Included in Network Edition at the following location:
/opt/zimbra/extensions-network-extra/openidconsumer/README.txt
- Create "openidconsumer" directory under /opt/zimbra/lib/ext - Copy "openidconsumer.jar" to /opt/zimbra/lib/ext/openidconsumer directory - Copy "openid4java-1.0.0.jar" to /opt/zimbra/jetty/common/lib directory - Copy "formredirection.jsp" file to /opt/zimbra/jetty/webapps/zimbra/public directory - Configure allowed OpenID Provider URLs for the domain: zmprov md <domain> +zimbraOpenidConsumerAllowedOPEndpointURL <op_endpoint_url> e.g. zmprov md <domain> +zimbraOpenidConsumerAllowedOPEndpointURL https://open.login.yahooapis.com/openid/op/auth - If the zimbraOpenidConsumerStatelessModeEnabled server attribute is set to FALSE (TRUE by default), setup memcached - zmmailboxdctl restart - To associate/link an "open id" with a user's account (to provision OpenID-based login in future) when the user is already logged-in into Zimbra web client, browse to: <zimbra_host_base_url>/service/extension/openid/consumer?openid_identifier=<user-supplied-identifier> e.g. <zimbra_host_base_url>/service/extension/openid/consumer?openid_identifier=yahoo.com You should end up with a "Success" page. Essentially, this step results in the "open id" being added to account's zimbraForeignPrincipal attribute. OpenID Consumer tries to discover the OpendID Provider Endpoint URL using the user-supplied-identifier. If the discovery process fails to discover any endpoints then the user-supplied-identifier is assumed to be the OpenID Provider Endpoint URL. - To initiate OpenID-based login (instead of the usual username/password-based login), again browse to: <zimbra_host_base_url>/service/extension/openid/consumer?openid_identifier=<user-supplied-identifier>