Skip to content

Commit

Permalink
update attribute name
Browse files Browse the repository at this point in the history 
#7780
  • Loading branch information
@dmuelle
dmuelle committed Dec 18, 2024
1 parent 5da129f commit f5cb858
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions modules/reference/pages/feature/openidConnectClient/examples.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,8 +109,8 @@ The following `server.xml` file example shows two Open ID connect client configu

[source,xml]
----
<openidConnectClient id="RP1" issuer="https://hostname/op1" ... />
<openidConnectClient id="RP2" issuer="https://hostname/op2" authFilterRef="rp2filter" .../>
<openidConnectClient id="RP1" issueridentifier="https://hostname/op1" ... />
<openidConnectClient id="RP2" issueridentifier="https://hostname/op2" authFilterRef="rp2filter" .../>
<authFilter id="rp2filter">
...
Expand All @@ -121,9 +121,9 @@ The following `server.xml` file example shows two Open ID connect client configu
Open Liberty selects the `openidConnectClient` configuration to use for a JWT request according to the following algorithm.

1. If the authentication filter for a `openidConnectClient` configuration matches the request, choose that configuration.
2. If the issuer claim from the JWT matches the `issuer` attribute in only one `openidConnectClient` configuration element, choose that configuration.
3. If the issuer claim from the JWT matches the `issuer` attribute in multiple `openidConnectClient` configuration elements, choose the first configuration that matches.
4. If the issuer claim from the JWT does not match the `issuer` attribute in any `openidConnectClient` configuration elements, choose between all of the configuration elements in a nondeterministic manner.
2. If the issuer claim from the JWT matches the `issueridentifier` attribute in only one `openidConnectClient` configuration element, choose that configuration.
3. If the issuer claim from the JWT matches the `issueridentifier` attribute in multiple `openidConnectClient` configuration elements, choose the first configuration that matches.
4. If the issuer claim from the JWT does not match the `issueridentifier` attribute in any `openidConnectClient` configuration elements, choose between all of the configuration elements in a nondeterministic manner.
Claim to subject mapping::
If you do not define claim-to-subject mapping, the following default rules apply.
Expand Down

0 comments on commit f5cb858

Please sign in to comment.