119 lines
4.3 KiB
HTML
119 lines
4.3 KiB
HTML
![]() |
|
||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
|
||
|
lang="en" dir="ltr">
|
||
|
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<title></title>
|
||
|
<!-- metadata -->
|
||
|
<meta name="generator" content="Offline" />
|
||
|
<meta name="version" content="Offline 0.1" />
|
||
|
<!-- style sheet links -->
|
||
|
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
|
||
|
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
|
||
|
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
|
||
|
|
||
|
</head>
|
||
|
<body>
|
||
|
<div class="dokuwiki export">
|
||
|
|
||
|
|
||
|
|
||
|
|
||
|
<h1><a name="webid" id="webid">WebID</a></h1>
|
||
|
<div class="level1">
|
||
|
<table class="inline">
|
||
|
<tr class="row0 roweven">
|
||
|
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
|
||
|
</tr>
|
||
|
<tr class="row1 rowodd">
|
||
|
<td class="col0 centeralign"> ✔ </td><td class="col1 centeralign"> ✔ </td><td class="col2"> </td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
</div>
|
||
|
<!-- SECTION "WebID" [1-79] -->
|
||
|
<h2><a name="presentation" id="presentation">Presentation</a></h2>
|
||
|
<div class="level2">
|
||
|
|
||
|
<p>
|
||
|
|
||
|
<a href="http://www.w3.org/wiki/WebID" class="urlextern" title="http://www.w3.org/wiki/WebID" rel="nofollow">WebID</a> is a way to uniquely identify a person, company, organisation, or other agent using a <acronym title="Uniform Resource Identifier">URI</acronym> and a certificate.
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
You need <a href="https://metacpan.org/release/Web-ID" class="urlextern" title="https://metacpan.org/release/Web-ID" rel="nofollow">Web::ID</a> package.
|
||
|
</p>
|
||
|
|
||
|
</div>
|
||
|
<!-- SECTION "Presentation" [80-321] -->
|
||
|
<h2><a name="configuration" id="configuration">Configuration</a></h2>
|
||
|
<div class="level2">
|
||
|
|
||
|
<p>
|
||
|
|
||
|
In Manager, go in <code>General Parameters</code> > <code>Authentication modules</code> and choose WebID for authentication module. You can also use WebID as user database.
|
||
|
</p>
|
||
|
|
||
|
<p>
|
||
|
Then, go in <code>WebID parameters</code>:
|
||
|
</p>
|
||
|
<ul>
|
||
|
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
|
||
|
</li>
|
||
|
<li class="level1"><div class="li"> <strong>WebID whitelist</strong>: list of space separated hosts granted to host FOAF document. You can use '*' character. Example :<pre class="code">*.partner.com</pre>
|
||
|
</div>
|
||
|
</li>
|
||
|
</ul>
|
||
|
|
||
|
<p>
|
||
|
|
||
|
If you use WebID as user database, declare values in exported variables :
|
||
|
</p>
|
||
|
<ul>
|
||
|
<li class="level1"><div class="li"> use any key name you want. If you want to refuse access when a data is missing, just add a ”!” before the key name</div>
|
||
|
</li>
|
||
|
<li class="level1"><div class="li"> in the value field, set the field name. Take a look at <a href="http://xmlns.com/foaf/spec/#sec-crossref" class="urlextern" title="http://xmlns.com/foaf/spec/#sec-crossref" rel="nofollow">http://xmlns.com/foaf/spec/#sec-crossref</a>. Example :<pre class="code">name => foaf:name</pre>
|
||
|
</div>
|
||
|
</li>
|
||
|
</ul>
|
||
|
|
||
|
</div>
|
||
|
<!-- SECTION "Configuration" [322-1095] -->
|
||
|
<h3><a name="apache_configuration" id="apache_configuration">Apache configuration</a></h3>
|
||
|
<div class="level3">
|
||
|
|
||
|
<p>
|
||
|
|
||
|
Portal host must be configured to use <acronym title="Secure Sockets Layer">SSL</acronym> and must ask for client certificate. It is recommended to use optional_no_ca since WebID doesn't use certificate authorities :
|
||
|
|
||
|
</p>
|
||
|
<pre class="code">
|
||
|
<VirtualHost _default_:443>
|
||
|
ServerName auth.example.com
|
||
|
SSLEngine on
|
||
|
SSLCertificateFile ...
|
||
|
SSLCertificateKeyFile ...
|
||
|
SSLVerifyClient optional_no_ca
|
||
|
...
|
||
|
</VirtualHost>
|
||
|
</pre>
|
||
|
|
||
|
</div>
|
||
|
<!-- SECTION "Apache configuration" [1096-1480] -->
|
||
|
<h3><a name="tests" id="tests">Tests</a></h3>
|
||
|
<div class="level3">
|
||
|
|
||
|
<p>
|
||
|
|
||
|
To test this, you can build your own WebID certificate using one of :
|
||
|
* <a href="https://metacpan.org/module/Web::ID::Certificate::Generator" class="urlextern" title="https://metacpan.org/module/Web::ID::Certificate::Generator" rel="nofollow">Web::ID::Certificate::Generator</a>
|
||
|
* <a href="https://my-profile.eu/" class="urlextern" title="https://my-profile.eu/" rel="nofollow">my-profile.eu</a>
|
||
|
* <a href="https://gist.github.com/njh/2432427" class="urlextern" title="https://gist.github.com/njh/2432427" rel="nofollow">gen-webid-cert.sh</a>
|
||
|
|
||
|
</p>
|
||
|
|
||
|
</div>
|
||
|
<!-- SECTION "Tests" [1481-] --></div><!-- closes <div class="dokuwiki export">-->
|