Use oxd's Java Spring library to send users from a Spring application to your Gluu Server OpenID Connect Provider (OP) for dynamic enrollment, single sign-on (SSO), strong authentication and access management policy enforcement.


You can also refer to the oxd-java library docs for more details on Java classes.

Installation Guides#

Software Requirements#

System Requirements:

  • Ubuntu / Debian / CentOS / RHEL / Windows Server 2008 or higher
  • Java 7 or higher
  • Apache 2.4.4 or higher

To use the oxd-java library, you will need:

  • A valid OpenID Connect Provider (OP), like the Gluu Server or Google
  • An active installation of the oxd-server running in the same server as the client application
  • If you want to make RESTful (https) calls from your app to your oxd-server, you will also need an active installation of the oxd-https-extension
  • A Windows server or Windows installed machine / Linux server or Linux installed machine

Configuring the oxd-server#

  • Edit the file /opt/oxd-server/conf/oxd-conf.json if needed

  • Edit the file /opt/oxd-server/conf/oxd-default-site-config.json

    • Change the OP HOST name to your OpenID Provider domain at the line "op_host": "https://<idp-hostname>"

    • Change the response_types line to "response_types": ["code"]

  • To start oxd-server, run the following command or click here for more detailed instructions:

/etc/init.d/oxd-server start

Demosite Deployment#

Install oxd-spring

Your client application must have a valid SSL certificate, so the URL includes: https://

The client hostname should be a valid hostname(FQDN), not a localhost or an IP address. You can configure the hostname by adding the following entry in the host file:


Host file location /etc/host : client.example.com


Host file location C:\Windows\System32\drivers\etc\host : client.example.com

Clone oxd-spring from Github repo and run maven command to install it:

cd oxd-spring 
mvn clean package -Dmaven.test.skip=true

Now you can run the executable jar:

java -jar target/oxd-spring-0.0.1-SNAPSHOT.jar

Point your browser to https://client.example.com:8443/ and log into ce-dev3.gluu.org using test credentials: test_user/test_user_password


oxd-server must run on localhost and be bound to port: 8099, otherwise you'll need to configure oxd-spring/src/main/resources/application.properties file.

Customize oxd-spring

To use your own server as an OpenID Provider you need to modify the oxd.server.op-host property from oxd-spring/src/main/resources/application.properties, e.g:


Make sure the server is already installed on your machine, or you can follow this guide to install it.