[Openid-specs-heart] MITREid Connect: HEART Mode
Justin Richer
jricher at MIT.EDU
Sat Mar 19 02:11:31 UTC 2016
Hi all,
We’ve just wrapped up a set of tweaks to the MITREid Connect server that turn it into a (hopefully) compliant HEART authorization server, while turning off non-HEART-compliant features and functionality that are normally available in the server. For instance, this new flag automatically switches on strict URI matching as well as turning off client secrets throughout the system. These are all normally optional features on the regular server, but in HEART mode these are strictly enforced.
The code has been pushed to the master development branch of the MITREid Connect project on GitHub:
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/
To turn it on, flip the flag “heartMode” to “true” inside of server-config.xml (or your ConfigurationPropertiesBean instance). You’ll get a little red “HEART” icon in the footer of the page if it’s activated.
We’re looking forward to feedback as the community tries this out.
Thanks,
— Justin
More information about the Openid-specs-heart
mailing list