File: authwebid.html

package info (click to toggle)
lemonldap-ng 1.3.3-1
  • links: PTS, VCS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 13,084 kB
  • ctags: 2,440
  • sloc: perl: 25,708; makefile: 622; sh: 176; php: 6; sql: 5
file content (123 lines) | stat: -rw-r--r-- 4,572 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
 lang="en" dir="ltr">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />

</head>
<body>
<div class="dokuwiki export">




<h1><a name="webid" id="webid">WebID</a></h1>
<div class="level1">
<table class="inline">
	<tr class="row0 roweven">
		<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
	</tr>
	<tr class="row1 rowodd">
		<td class="col0 centeralign">  ✔  </td><td class="col1 centeralign">  ✔  </td><td class="col2"> </td>
	</tr>
</table>

</div>
<!-- SECTION "WebID" [1-79] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">

<p>

<a href="http://www.w3.org/wiki/WebID" class="urlextern" title="http://www.w3.org/wiki/WebID"  rel="nofollow">WebID</a> is a way to uniquely identify a person, company, organisation, or other agent using a <acronym title="Uniform Resource Identifier">URI</acronym> and a certificate.
</p>

<p>
You need <a href="https://metacpan.org/release/Web-ID" class="urlextern" title="https://metacpan.org/release/Web-ID"  rel="nofollow">Web::ID</a> package.
</p>

</div>
<!-- SECTION "Presentation" [80-321] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">

<p>

In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose WebID for authentication module. You can also use WebID as user database.
</p>

<p>
Then, go in <code>WebID parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
</li>
<li class="level1"><div class="li"> <strong>WebID whitelist</strong>: list of space separated hosts granted to host FOAF document. You can use &#039;*&#039; character. Example :<pre class="code">*.partner.com</pre>
</div>
</li>
</ul>

<p>

If you use WebID as user database, declare values in exported variables :
</p>
<ul>
<li class="level1"><div class="li"> use any key name you want. If you want to refuse access when a data is missing, just add a ”!” before the key name</div>
</li>
<li class="level1"><div class="li"> in the value field, set the field name. Take a look at <a href="http://xmlns.com/foaf/spec/#sec-crossref" class="urlextern" title="http://xmlns.com/foaf/spec/#sec-crossref"  rel="nofollow">http://xmlns.com/foaf/spec/#sec-crossref</a>. Example :<pre class="code">name =&gt; foaf:name</pre>
</div>
</li>
</ul>

</div>
<!-- SECTION "Configuration" [322-1095] -->
<h3><a name="apache_configuration" id="apache_configuration">Apache configuration</a></h3>
<div class="level3">

<p>

Portal host must be configured to use <acronym title="Secure Sockets Layer">SSL</acronym> and must ask for client certificate. It is recommended to use optional_no_ca since WebID doesn&#039;t use certificate authorities :

</p>
<pre class="code">
&lt;VirtualHost _default_:443&gt;
ServerName auth.example.com
SSLEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
SSLVerifyClient optional_no_ca
...
&lt;/VirtualHost&gt;
</pre>

</div>
<!-- SECTION "Apache configuration" [1096-1480] -->
<h3><a name="tests" id="tests">Tests</a></h3>
<div class="level3">

<p>

To test this, you can build your own WebID certificate using one of :
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://metacpan.org/module/Web::ID::Certificate::Generator" class="urlextern" title="https://metacpan.org/module/Web::ID::Certificate::Generator"  rel="nofollow">Web::ID::Certificate::Generator</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://my-profile.eu/" class="urlextern" title="https://my-profile.eu/"  rel="nofollow">my-profile.eu</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://gist.github.com/njh/2432427" class="urlextern" title="https://gist.github.com/njh/2432427"  rel="nofollow">gen-webid-cert.sh</a></div>
</li>
</ul>

</div>
<!-- SECTION "Tests" [1481-] --></div><!-- closes <div class="dokuwiki export">-->