Search⌘ K
AI Features
Home
Courses
JakartaEE Security Workshop

OpenID Connect Example

Explore how to implement OpenID Connect authentication in a JakartaEE application. Learn to set up a protected servlet, define user groups, handle callback logic, and configure OAuth2 settings with Payara Micro. Understand the entire flow from user login to token retrieval and secure your web application with practical examples.

We'll cover the following...

Create the project

We start from the project template that we defined in “Introduction to Window Shopping," and add the required dependencies and classes to it.

  • If you want to work within the Educative platform, simply use the project we’ve created at the end of this lesson. If you choose to work locally, you will need to create a Maven project openid as described in “Introduction to Window Shopping."

Maven dependencies

Since the OpenID Connect is not currently supported by version 3 of Security API, and Jakarta EE version 10 also uses the jakarta namespace, we will use the Payara Security connectors. This implementation provided the idea for the implementation within Security API 3, and thus it will be easy to switch to the standard version once it is available.

However, the Payara Security connectors are already available today using the javax namespace that most projects still use.

XML
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>be.rubus.security.workshop</groupId>
    <artifactId>openid</artifactId>
    <version>1.0-SNAPSHOT</version>
    <packaging>war</packaging>
    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <maven.compiler.source>11</maven.compiler.source>
        <maven.compiler.target>11</maven.compiler.target>
        <failOnMissingWebXml>false</failOnMissingWebXml>
    </properties>
    <dependencies>
        <dependency>
            <groupId>jakarta.platform</groupId>
            <artifactId>jakarta.jakartaee-web-api</artifactId>
            <version>8.0.0</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>fish.payara.security.connectors</groupId>
            <artifactId>security-connectors-api</artifactId>
            <version>2.1.0</version>
            <scope>provided</scope>
        </dependency>
    </dependencies>
    <build>
        <finalName>openid</finalName>
    </build>
</project>

Explanation

  • Lines 27–32: We add Payara Security Connectors API dependency to the project to have the necessary classes available at compile time. It should be added as provided, since it is already included within Payara Micro, the runtime we use throughout this workshop for testing.

Define Servlet(protected)

The provided example has a protected servlet ...