OpenCCT

OpenID Connect client library for JEE 7 compliant application servers. Tested on the TomEE application server. It allows a Java web application to verify the identity of the end user. This verification is based on the authentication performed by an OAuth 2.0 compliant authorization server. Using OpenCCT is as simple as adding the library jar file to the target application and setting a filter in the application's web deployment descriptor.

Adding library to the target application

Maven dependency

Add this dependency to the Maven pom.xml configuration file of the target application:

<dependency>
  <groupId>net.meddeb.oauth</groupId>
  <artifactId>opencct</artifactId>
  <version>1.0.0</version>
</dependency>

Then clone this git repository or download sources and install the library in your local Maven repository:

mvn clean package install

Or you can simply add this repository setting to the pom.xml file:

<repositories>
  <repository>
    <id>meddeb-net</id>
    <name>Meddeb.net Repository</name>
    <url>http://meddeb.net/maven</url>
  </repository>
</repositories>

If your project isn't a Maven project

Add the OpenCCT library jar file to the WEB-INF/lib folder of your application by whatever means is appropriate for your build.

Web deployment descriptor (web.xml)

Add a filter setting to this file, following the example below. The example is configured for the Google authorization server, but the library should work with any OAuth 2.0 compliant server:

<filter>
  <filter-name>auth-filter</filter-name>
  <filter-class>net.meddeb.oauth.opencct.AuthFilter</filter-class>
  <init-param>
    <param-name>login-endpoint</param-name>
    <param-value>https://accounts.google.com/o/oauth2/v2/auth</param-value>
  </init-param>
  <init-param>
    <param-name>token-endpoint</param-name>
    <param-value>https://www.googleapis.com/oauth2/v4/token</param-value>
  </init-param>
  <init-param>
    <param-name>oauth-id</param-name>
    <param-value>CLIENT_ID_PROVIDED_BY_GOOGLE_REGISTRATION</param-value>
  </init-param>
  <init-param>
    <param-name>oauth-secret</param-name>
    <param-value>CLIENT_SECRET_PROVIDED_BY_GOOGLE_REGISTRATION</param-value>
  </init-param>
</filter>
<filter-mapping>
  <filter-name>auth-filter</filter-name>
  <url-pattern>/URI_TO_PROTECT</url-pattern>
</filter-mapping>

Replace CLIENT_ID_PROVIDED_BY_GOOGLE_REGISTRATION and CLIENT_SECRET_PROVIDED_BY_GOOGLE_REGISTRATION with the values provided by the Google application registration. Replace URI_TO_PROTECT with the pattern you need. You can also use one of the servers listed at http://openid.net/developers/certified as a local test authentication server.
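A pre-deployment check for the filter settings above, written for this page as an added example (it is not part of OpenCCT). The function name `check_web_xml`, the host `idp.example.test` and the constructed sample descriptor are assumptions; the rules it applies are that both endpoints are absolute https URLs, the credential placeholders have been replaced, and the filter is mapped to a real URL pattern.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

FILTER_CLASS = "net.meddeb.oauth.opencct.AuthFilter"
# Constructed sample: plain-http token endpoint, placeholder secret, no filter-mapping.
SAMPLE = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"><filter>
  <filter-name>auth-filter</filter-name>
  <filter-class>net.meddeb.oauth.opencct.AuthFilter</filter-class>
  <init-param><param-name>login-endpoint</param-name>
    <param-value>https://accounts.google.com/o/oauth2/v2/auth</param-value></init-param>
  <init-param><param-name>token-endpoint</param-name>
    <param-value>http://idp.example.test/token</param-value></init-param>
  <init-param><param-name>oauth-id</param-name><param-value>constructed-id</param-value></init-param>
  <init-param><param-name>oauth-secret</param-name>
    <param-value>CLIENT_SECRET_PROVIDED_BY_GOOGLE_REGISTRATION</param-value></init-param>
</filter></web-app>"""

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" prefix on tags

def _text(elem, name):
    return next(((c.text or "").strip() for c in elem if _local(c.tag) == name), "")

def check_web_xml(xml_text):
    """Return findings for each OpenCCT AuthFilter declared in a web.xml."""
    root, findings, patterns = ET.fromstring(xml_text), [], {}
    for m in (e for e in root.iter() if _local(e.tag) == "filter-mapping"):
        patterns.setdefault(_text(m, "filter-name"), []).append(_text(m, "url-pattern"))
    filters = [e for e in root.iter() if _local(e.tag) == "filter"
               and _text(e, "filter-class") == FILTER_CLASS]
    if not filters:
        return ["no filter uses " + FILTER_CLASS]
    for f in filters:
        name = _text(f, "filter-name")
        params = {_text(p, "param-name"): _text(p, "param-value")
                  for p in f if _local(p.tag) == "init-param"}
        for key in ("login-endpoint", "token-endpoint"):
            url = urlparse(params.get(key, ""))
            if url.scheme != "https" or not url.netloc:
                findings.append(f"{name}: {key} is not an absolute https URL")
        for key in ("oauth-id", "oauth-secret"):
            value = params.get(key, "")
            if not value or value.endswith("_PROVIDED_BY_GOOGLE_REGISTRATION"):
                findings.append(f"{name}: {key} is empty or still a placeholder")
        if name not in patterns or any("URI_TO_PROTECT" in p for p in patterns[name]):
            findings.append(f"{name}: filter-mapping is missing or still a placeholder")
    return findings

if __name__ == "__main__":
    print("\n".join(check_web_xml(SAMPLE)))
```
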

Recover authenticated user

When authentication succeeds, the logged-in user's data is stored in the session. To retrieve it, write code like this:

import net.meddeb.oauth.opencct.AuthParameters;
import net.meddeb.oauth.opencct.User;
User loggedUser = (User) session.getAttribute(AuthParameters.LOGGEDUSER); // session is the current HttpSession
String userID = "";
if (loggedUser == null) {
  // No user is authenticated
} else {
  userID = loggedUser.getUid(); // id of the authenticated user
}

User is the public class net.meddeb.oauth.opencct.User from the OpenCCT library.

AuthParameters is the public class net.meddeb.oauth.opencct.AuthParameters from the OpenCCT library.

For further details visit http://www.meddeb.net/opencct