Hi,
As mod_authnz_crowd has been deprecated, I 'm trying to setup apache authentication with openid (crowid).
Openid & mod_auth_openidc require additional parameters OIDCCryptoPassphrase & OIDCProviderMetadataURL etc.
I went through the crow/crowid documentation but I didn't find these parameters.
Does somebody know where I can find these parameters?
Or;
1/ has somebody successfully integraded apache with crowid openid authentication?
2/ What is the recommended way to setup apache authentication with crowd?
kind regards,
--
staf
You did not find those parameters in the current CrowdID's documentation because they are referring to the OpenID Connect (OIDC) protocol whereas as of today CrowdID supports the OpenID 2.0 protocol. Though OpenID 2.0 may be considered as the ancestor of OIDC, they are very different protocols.
That being said, Atlassian has just announced that they are working on supporting OpenID Connect in all their core products in Data Center version, which includes Crowd as far as I understand.
Regarding your second question, I haven't tested it myself but you may want to take a look at the following connector and give it a try: https://github.com/ferstl/cwdapache-rhel7
CrowdID supports the OpenID 2.0 protocol. Though OpenID 2.0 may be
considered as the ancestor of OIDC, they are very different protocols.
Thanks for your reply and your clarification.
It is pitty that Openidc isn't supported. The Openid apache module ( mod_auth_openid module http://findingscience.com/mod_auth_openid/index.html) has a message that they are looking for new maintainer which is not very encouraging to use it in a supported environment. It's also not included in most GNU/Linux distribution and not supported by Redhat, etc.
Regarding your second question, I haven't tested it myself but you
may want to take a look at the following connector and give it a try:
I tried it and it works fine. But it'd be nice if Atlassian provided a supported solution. Let's hope that the Openidc support will resolve this issue.
cheers,
--
staf
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.