the patch adds Open4jFilter into shiro-open4j sub-project. It is meant as a reaction to:
> You can see the existing implementation in the 'support/openid4j' module (commit logs are attached to this issue). If anyone wants > to help out, we're open!
Filter collects either personal OpenId url from user or OpenId provider url and redirect user to providers authentication page (for example Google account page). It also listens for OpenId authentication answer, verifies it and put verification result into authenticationtoken.
RelyingPartyRealm, or any other realm. may then authenticate user into some in-application account.
Please ignore original patch, I forgot to include one method. Correct patch files are patch-shiro-openid4j-01.patch and patch-shiro-web-01.patch.
Filter configuration in ini file:
authenticatingFilter = org.apache.shiro.openid4j.authc.Open4jFilter
- page that performs redirect to OpenId provider login page
- url where the application listens for OpenId provider answers
- request parameter with login error information; if not present filter assumes 'shiroLoginFailure'
- specify login page
authenticatingFilter.loginUrl = /account/login.jsp
- redirect after successful login
authenticatingFilter.successUrl = /account/personalaccountpage.jsp