NO LONGER MAINTAINED

DUE TO TIME CONSTRAINTS OF THE ORIGINAL OSS DEVELOPER THE NIMBLE PLUGIN IS NO LONGER BEING MAINTAINED.

OpenID Realm

The OpenID realm takes responsibility for authenticating users who access the host app using their personal OpenID account.

The logic for this realm is located at grails.plugins.nimble.core.OpenIDRealm for authentication purposes the important method is authenticate.

This realm operates on the token type grails.plugins.nimble.auth.OpenIDToken which is generated by the AuthController once the user has entered their OpenID URL and the OpenID service provider has responded with appropriate account details.

For the OpenID realm the authentication process is:
  1. Ensure the config option nimble.openid.federationprovider.enabled is true
  2. Determine if a user account exists in the Nimble database with the OpenID URL set as username, if it doesn't:
    • Determine if the config option nimble.openid.federationprovider.autoprovision is true
      • If it is create a new Nimble user object and profile and populate both with details provided by the OpenID server and continue
  3. Determine if the account is enabled
If all the above is valid a session is established for the user and they are allowed to continue. Failure at any stage results in an appropriate exception being thrown.