1.3 Lightweight OpenID server
Crowd 2.8 introduces a new lightweight UI-free OpenID server, in addition to the existing OpenID server that ships with Crowd.
It uses persistent identifiers unaffected by renaming, and can be accessed at
/openidserver/v2/op. It is automatically installed when you install Crowd, and no database setup is necessary.
The OpenID server is a Crowd-connected application which authenticates against the directories configured in Crowd. If a user has already logged into any other Crowd-connected application (and single sign-on is enabled), they will not be prompted for any further login once they have entered their OpenID URL at an OpenID-enabled website.
You can deploy multiple OpenID servers against a single Crowd instance, which may be useful in larger deployments.
The Lightweight OpenID server has no admin UI. You control the server using its approval whitelist configuration file. By default, the whitelist is empty so no authentication will succeed until you add URLs.
For communication with Crowd, see the
crowd.properties file located by default in
crowd-openidserver-webapp/WEB-INF/classes. You may also set the system property
crowd.openid.home to point to another directory holding this configuration file.