Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:latest:authopenidconnect [2018/03/14 15:57]
coudot [Declare the OpenID Connect Provider in LL::NG]
documentation:latest:authopenidconnect [2019/04/10 20:04] (current)
Line 23: Line 23:
 ^  Google ​ ^  France Connect ​ ^ ^  Google ​ ^  France Connect ​ ^
 |  [[authopenidconnect_google|{{ :​applications:​google_logo.png?​nolink |}}]]  |  [[authopenidconnect_franceconnect|{{ :​applications:​franceconnect_logo.png?​nolink |}}]]  | |  [[authopenidconnect_google|{{ :​applications:​google_logo.png?​nolink |}}]]  |  [[authopenidconnect_franceconnect|{{ :​applications:​franceconnect_logo.png?​nolink |}}]]  |
 +
 +<note important>​OpenID-Connect specification isn't finished for logout propagation. So logout initiated by relaying-party will be forward to OpenID-Connect provider but logout initiated by the provider (or another RP) will not be propagated. LLNG will implement this when spec will be published.</​note>​
 ===== Configuration ===== ===== Configuration =====
  
Line 36: Line 38:
  
 <note tip>As passwords will not be managed by LL::NG, you can disable [[portalmenu#​menu_modules|menu password module]].</​note> ​ <note tip>As passwords will not be managed by LL::NG, you can disable [[portalmenu#​menu_modules|menu password module]].</​note> ​
 +
 +<note important>​
 +Browser implementations of formAction directive are inconsistent (e.g. Firefox doesn'​t block the redirects whereas Chrome does).
 +Administrators may have to modify formAction value with wildcard likes *.
 +
 +In Manager, go in : 
 +
 +''​General Parameters''​ > ''​Advanced Parameters''​ > ''​Security''​ > ''​Content Security Policy''​ > ''​Form destination''​
 +</​note>​
  
 Then in ''​General Parameters''​ > ''​Authentication modules''​ > ''​OpenID Connect parameters'',​ you can set: Then in ''​General Parameters''​ > ''​Authentication modules''​ > ''​OpenID Connect parameters'',​ you can set:
Line 60: Line 71:
  
 You can then access to the configuration of this OP. You can then access to the configuration of this OP.
- 
-<note important>​You must open all sub nodes to be sure that default values are saved by Manager</​note>​ 
  
 === Metadata === === Metadata ===
Line 128: Line 137:
     * **Display name**: Name of the application     * **Display name**: Name of the application
     * **Logo**: Logo of the application     * **Logo**: Logo of the application
 +    * **Order**: Number to sort buttons