OpenCCT: OpenID Connect SSO authentication client Java library - Page 4

Two parameters are to be added in the «web.xml» web deployment descriptor file of the target application. The first parameter «filter» must declare the «AuthFilter» filter provided by OpenCCT, as well as the parameters of the authentication server used. The second parameter «filter-mapping» indicates the protected area of the application, which should only be accessible to authenticated users. Naturally, the values used in the example should be adapted to the specific use case by doing the following:

  • Replace, if necessary, the values of the «login-endpoint» and «token-endpoint» parameters if the server used is other than Google's one.
  • Replace the values of the «oauth-id» and «oauth-secret» parameters by the values provided at application's registration time.
  • Replace the value of the «url-pattern» of «filter-mapping» parameter by the desired path. eg: /* to protect the entire application.

Authentication errors management

During exchanges between OpenCCT and the authentication server, errors may occur. In particular, the server may become unavailable or identity theft attempts may occur. In this case, and by default, the following error message is displayed:

This behavior may be modified by the introduction of the filter's optional parameter: «error-path». This parameter must indicate a path for the custom management of this error. In this case, the provision of the management code for this custom path is the responsibility of the target application. This option allows, for example, to add to the custom error page a link to a public access location (without authentication).