File: authwebid.html

package info (click to toggle)
lemonldap-ng 1.9.7-3%2Bdeb9u2
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 39,024 kB
  • sloc: perl: 37,552; makefile: 922; sh: 472; sql: 5
file content (161 lines) | stat: -rw-r--r-- 7,105 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
 
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
  <meta charset="utf-8" />
  <title>documentation:1.9:authwebid</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,1.9,authwebid"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authwebid.html"/>
<link rel="contents" href="authwebid.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
  <link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
  <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
  <link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:1.9';var JSINFO = {"id":"documentation:1.9:authwebid","namespace":"documentation:1.9"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
  <script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
  <script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
  <script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
  <script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>

<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#apache_configuration">Apache configuration</a></div></li>
<li class="level2"><div class="li"><a href="#tests">Tests</a></div></li>
</ul></li>
</ul>
</div>
</div>
<!-- TOC END -->

<h1 class="sectionedit1" id="webid">WebID</h1>
<div class="level1">
<div class="table sectionedit2"><table class="inline table table-bordered table-striped">
	<thead>
	<tr class="row0 roweven">
		<th class="col0 centeralign">  Authentication  </th><th class="col1 centeralign">  Users  </th><th class="col2 centeralign">  Password  </th>
	</tr>
	</thead>
	<tr class="row1 rowodd">
		<td class="col0 centeralign">  ✔  </td><td class="col1 centeralign">  ✔  </td><td class="col2"> </td>
	</tr>
</table></div>
<!-- EDIT2 TABLE [22-85] -->
</div>
<!-- EDIT1 SECTION "WebID" [1-86] -->
<h2 class="sectionedit3" id="presentation">Presentation</h2>
<div class="level2">

<p>
<a href="http://www.w3.org/wiki/WebID" class="urlextern" title="http://www.w3.org/wiki/WebID"  rel="nofollow">WebID</a> is a way to uniquely identify a person, company, organisation, or other agent using a <abbr title="Uniform Resource Identifier">URI</abbr> and a certificate.
</p>

<p>
You need <a href="https://metacpan.org/release/Web-ID" class="urlextern" title="https://metacpan.org/release/Web-ID"  rel="nofollow">Web::ID</a> package.
</p>

</div>
<!-- EDIT3 SECTION "Presentation" [87-328] -->
<h2 class="sectionedit4" id="configuration">Configuration</h2>
<div class="level2">

<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose WebID for authentication module. You can also use WebID as user database.
</p>

<p>
Then, go in <code>WebID parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
</li>
<li class="level1"><div class="li"> <strong>WebID whitelist</strong>: list of space separated hosts granted to host FOAF document. You can use &#039;*&#039; character. Example :<pre class="code">*.partner.com</pre>
</div>
</li>
</ul>

<p>
If you use WebID as user database, declare values in <strong>exported variables</strong> :
</p>
<ul>
<li class="level1"><div class="li"> use any key name you want. If you want to refuse access when a data is missing, just add a “!” before the key name</div>
</li>
<li class="level1"><div class="li"> in the value field, set the field name. Take a look at <a href="http://xmlns.com/foaf/spec/#sec-crossref" class="urlextern" title="http://xmlns.com/foaf/spec/#sec-crossref"  rel="nofollow">http://xmlns.com/foaf/spec/#sec-crossref</a>. Example :<pre class="code">name =&gt; foaf:name</pre>
</div>
</li>
</ul>

<p>
See also <a href="exportedvars.html" class="wikilink1" title="documentation:1.9:exportedvars">exported variables configuration</a>.
</p>

</div>
<!-- EDIT4 SECTION "Configuration" [329-1168] -->
<h3 class="sectionedit5" id="apache_configuration">Apache configuration</h3>
<div class="level3">

<p>
Portal host must be configured to use SSL and must ask for client certificate. It is recommended to use optional_no_ca since WebID doesn&#039;t use certificate authorities :
</p>
<pre class="code file apache">&lt;<span class="kw3">VirtualHost</span> _default_:<span class="nu0">443</span>&gt;
<span class="kw1">ServerName</span> auth.example.com
<span class="kw1">SSLEngine</span> <span class="kw2">on</span>
<span class="kw1">SSLCertificateFile</span> ...
<span class="kw1">SSLCertificateKeyFile</span> ...
<span class="kw1">SSLVerifyClient</span> optional_no_ca
...
&lt;/<span class="kw3">VirtualHost</span>&gt;</pre>

</div>
<!-- EDIT5 SECTION "Apache configuration" [1169-1560] -->
<h3 class="sectionedit6" id="tests">Tests</h3>
<div class="level3">

<p>
To test this, you can build your own WebID certificate using one of :
</p>
<ul>
<li class="level1"><div class="li"> <a href="https://metacpan.org/module/Web::ID::Certificate::Generator" class="urlextern" title="https://metacpan.org/module/Web::ID::Certificate::Generator"  rel="nofollow">Web::ID::Certificate::Generator</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://my-profile.eu/" class="urlextern" title="https://my-profile.eu/"  rel="nofollow">my-profile.eu</a></div>
</li>
<li class="level1"><div class="li"> <a href="https://gist.github.com/njh/2432427" class="urlextern" title="https://gist.github.com/njh/2432427"  rel="nofollow">gen-webid-cert.sh</a></div>
</li>
</ul>

</div>
<!-- EDIT6 SECTION "Tests" [1561-] --></div>
</body>
</html>