Slides for a scalable, robust OIDC identity provider with an extensible architecture.
The openid4java  library is a very handy set of components that handles openid and oauth for java applications and definitely worth a look before you capitulate in frustration before all that modern openid stuff. For those of us living and working outside the 7bit-speaking ANSI niche there is one webserver setting to verify: the … Continue reading Non-Latin characters, openID and the openid4java library
When trying to design for stateless services one finds it easy to reduce the information stored in an http session but for one piece: whether the client has authenticated against the server or not. Usually you would implement a proccess for authenticating like this: Client submits credentials (login / password) to the server Server checks … Continue reading Stateless user sessions with encrypted session IDs