How to run the Connect2id server in a Docker container
The Connect2id server is now also available as a Docker image for easy container-based setup and evaluation.
1. Installing Docker
If Docker isn’t already installed on your computer you can find instructions here. The Community Edition (CE) is sufficient to run a Connect2id server.
2. Content of the Docker image
The provided Docker image includes the required Java runtime and an exploded copy of the ZIP package we make available for download — a Tomcat servlet container with a Connect2id server WAR, an OpenID relying party client and a few other sample WARs deployed in it. A relational database (H2 in embedded mode) for the Connect2id server to persist its own data is also included.
3. Configuring the Connect2id server
The Connect2id server configuration is located in a set of
properties files in the
/WEB-INF/ directory of its web application archive
Any of those properties can be overridden by injecting a text file with the new
properties into the Docker container at
injection can be done by means of a volume, bind mount or a custom storage
driver. The steps below use the bind
4. To run in a container
Important: The currently provided Docker image uses host networking, which has no isolation between host and container and is limited to Linux hosts.
The basic steps to run the Connect2id server in a Docker container:
Pull the latest image from Docker Hub
docker pull c2id/c2id-server:latest
(Optional) Save your custom properties in a override.properties file
op.issuer = https://my.idp.com op.authz.endpoint = https://my.idp.com/login op.authz.apiAccessToken = vuxiehaiGhohrahJeik0ui0aib9jai9c op.reg.apiAccessToken = Oosoje7choh1dom8ahng4kueQuoo6la0 op.logout.apiAccessToken = eik1Oosahpaic5dei2ioco4og9rahkee authzStore.apiAccessToken = Ahrek9shie3Eidaex9lu4biem7ahpeeb sessionStore.apiAccessToken = foo7ahM5koo9eiziah7ahwaequaek5ta monitor.apiAccessToken = caew6jaeX2phah8oolaoghaec0Heer8l jose.jwkSet = eyAia2V5cyIgOiBbIHsgImt0eSIgOi...
Run a container with the image
Replace host_port with an available port on your host.
Without a custom
docker run -p host_port:8080 --network host c2id/c2id-server:latest
With a custom
override.propertiesinjected via bind mount:
docker run -p host_port:8080 --mount type=bind,source="/directory/containing/override/file",target=/etc/c2id c2id/c2id-server:latest
For extra options that may be of use see the Docker run command reference.