dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add doc for WebID

Browse Source
This commit is contained in:
Xavier Guimard 2013-10-13 12:58:14 +00:00
parent 61e68ae5d8
commit 6a7d7627ba
5 changed files with 139 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/index/alphabetical.html
View File

File diff suppressed because one or more lines are too long

7
doc/pages/documentation/1.3/authfacebook.html
View File

@ -84,5 +84,12 @@ If you use Facebook as user database, declare values in exported variables :
</li>
</ul>
<p>
<p><div class="notetip">You can use the same Facebook access token in your applications. It is stored in session datas under the name <strong>$_facebookToken</strong>
</div></p>
</p>
</div>
<!-- SECTION "Configuration" [661-] --></div><!-- closes <div class="dokuwiki export">-->

119
doc/pages/documentation/1.3/authwebid.html Normal file
View File

@ -0,0 +1,119 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<!-- metadata -->
<meta name="generator" content="Offline" />
<meta name="version" content="Offline 0.1" />
<!-- style sheet links -->
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
</head>
<body>
<div class="dokuwiki export">
<h1><a name="webid" id="webid">WebID</a></h1>
<div class="level1">
<table class="inline">
<tr class="row0 roweven">
<th class="col0">Authentication </th><th class="col1"> Users </th><th class="col2"> Password </th>
</tr>
<tr class="row1 rowodd">
<td class="col0 centeralign"></td><td class="col1 centeralign"></td><td class="col2"> </td>
</tr>
</table>
</div>
<!-- SECTION "WebID" [1-79] -->
<h2><a name="presentation" id="presentation">Presentation</a></h2>
<div class="level2">
<p>
<a href="http://www.w3.org/wiki/WebID" class="urlextern" title="http://www.w3.org/wiki/WebID" rel="nofollow">WebID</a> is a way to uniquely identify a person, company, organisation, or other agent using a <acronym title="Uniform Resource Identifier">URI</acronym> and a certificate.
</p>
<p>
You need <a href="https://metacpan.org/release/Web-ID" class="urlextern" title="https://metacpan.org/release/Web-ID" rel="nofollow">Web::ID</a> package.
</p>
</div>
<!-- SECTION "Presentation" [80-321] -->
<h2><a name="configuration" id="configuration">Configuration</a></h2>
<div class="level2">
<p>
In Manager, go in <code>General Parameters</code> &gt; <code>Authentication modules</code> and choose WebID for authentication module. You can also use WebID as user database.
</p>
<p>
Then, go in <code>WebID parameters</code>:
</p>
<ul>
<li class="level1"><div class="li"> <strong>Authentication level</strong>: authentication level for this module.</div>
</li>
<li class="level1"><div class="li"> <strong>WebID whitelist</strong>: list of space separated hosts granted to host FOAF document. You can use &#039;*&#039; character. Example :<pre class="code">*.partner.com</pre>
</div>
</li>
</ul>
<p>
If you use WebID as user database, declare values in exported variables :
</p>
<ul>
<li class="level1"><div class="li"> use any key name you want. If you want to refuse access when a data is missing, just add a ”!” before the key name</div>
</li>
<li class="level1"><div class="li"> in the value field, set the field name. Take a look at <a href="http://xmlns.com/foaf/spec/#sec-crossref" class="urlextern" title="http://xmlns.com/foaf/spec/#sec-crossref" rel="nofollow">http://xmlns.com/foaf/spec/#sec-crossref</a>. Example :<pre class="code">name =&gt; foaf:name</pre>
</div>
</li>
</ul>
</div>
<!-- SECTION "Configuration" [322-1095] -->
<h3><a name="apache_configuration" id="apache_configuration">Apache configuration</a></h3>
<div class="level3">
<p>
Portal host must be configured to use <acronym title="Secure Sockets Layer">SSL</acronym> and must ask for client certificate. It is recommended to use optional_no_ca since WebID doesn&#039;t use certificate authorities :
</p>
<pre class="code">
&lt;VirtualHost _default_:443&gt;
ServerName auth.example.com
SSLEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
SSLVerifyClient optional_no_ca
...
&lt;/VirtualHost&gt;
</pre>
</div>
<!-- SECTION "Apache configuration" [1096-1480] -->
<h3><a name="tests" id="tests">Tests</a></h3>
<div class="level3">
<p>
To test this, you can build your own WebID certificate using one of :
* <a href="https://metacpan.org/module/Web::ID::Certificate::Generator" class="urlextern" title="https://metacpan.org/module/Web::ID::Certificate::Generator" rel="nofollow">Web::ID::Certificate::Generator</a>
* <a href="https://my-profile.eu/" class="urlextern" title="https://my-profile.eu/" rel="nofollow">my-profile.eu</a>
* <a href="https://gist.github.com/njh/2432427" class="urlextern" title="https://gist.github.com/njh/2432427" rel="nofollow">gen-webid-cert.sh</a>
</p>
</div>
<!-- SECTION "Tests" [1481-] --></div><!-- closes <div class="dokuwiki export">-->

19
doc/pages/documentation/1.3/start.html
View File

@ -180,12 +180,15 @@
<td class="col0"> <a href="../../documentation/1.3/authtwitter.html" class="wikilink1" title="documentation:1.3:authtwitter">Twitter</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
<tr class="row21 rowodd">
<td class="col0"> <a href="../../documentation/1.3/authwebid.html" class="wikilink1" title="documentation:1.3:authwebid">WebID</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td>
</tr>
<tr class="row22 roweven">
<td class="col0"> <a href="../../documentation/1.3/authyubikey.html" class="wikilink1" title="documentation:1.3:authyubikey">Yubikey</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
</table>
</div>
<!-- SECTION "Authentication, users and password databases" [1122-2420] -->
<!-- SECTION "Authentication, users and password databases" [1122-2464] -->
<h3><a name="configuration_database" id="configuration_database">Configuration database</a></h3>
<div class="level3">
@ -225,7 +228,7 @@
</p>
</div>
<!-- SECTION "Configuration database" [2421-3527] -->
<!-- SECTION "Configuration database" [2465-3571] -->
<h3><a name="sessions_database" id="sessions_database">Sessions database</a></h3>
<div class="level3">
@ -268,7 +271,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</table>
</div>
<!-- SECTION "Sessions database" [3528-5365] -->
<!-- SECTION "Sessions database" [3572-5409] -->
<h3><a name="identity_provider" id="identity_provider">Identity provider</a></h3>
<div class="level3">
@ -305,7 +308,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- SECTION "Identity provider" [5366-5804] -->
<!-- SECTION "Identity provider" [5410-5848] -->
<h2><a name="applications_protection" id="applications_protection">Applications protection</a></h2>
<div class="level2">
@ -330,7 +333,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Applications protection" [5805-6217] -->
<!-- SECTION "Applications protection" [5849-6261] -->
<h2><a name="advanced_features" id="advanced_features">Advanced features</a></h2>
<div class="level2">
@ -373,7 +376,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Advanced features" [6218-6987] -->
<!-- SECTION "Advanced features" [6262-7031] -->
<h2><a name="mini_howtos" id="mini_howtos">Mini howtos</a></h2>
<div class="level2">
@ -402,7 +405,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Mini howtos" [6988-7618] -->
<!-- SECTION "Mini howtos" [7032-7662] -->
<h2><a name="exploitation" id="exploitation">Exploitation</a></h2>
<div class="level2">
@ -431,4 +434,4 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</ul>
</div>
<!-- SECTION "Exploitation" [7619-] --></div><!-- closes <div class="dokuwiki export">-->
<!-- SECTION "Exploitation" [7663-] --></div><!-- closes <div class="dokuwiki export">-->

2
doc/pages/start.html
View File

@ -285,6 +285,6 @@ LemonLDAP::NG is the first <acronym title="Single Sign On">SSO</acronym> softwar
<a href="/_detail/icons/clock.png?id=start" class="media" title="icons:clock.png"><img src="../media/icons/clock.png" class="media" alt="" /></a>
</div>
</p>
<ul class="rss"><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2960" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2960" rel="nofollow">Rev 2960 -- Add URL in AuthChoice, to post form on another vhost ...</a> by clement_oudot (2013/10/11 11:01)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2959" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2959" rel="nofollow">Rev 2959 -- make tidy</a> by guimard (2013/10/09 21:37)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2958" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2958" rel="nofollow">Rev 2958 -- Adding LDAP backend for notification references: #LEMONLDAP-457</a> by dcoutadeur (2013/10/09 16:53)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2957" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2957" rel="nofollow">Rev 2957 -- New conf storage: JSONFile, just for fun</a> by guimard (2013/10/09 06:05)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2956" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2956" rel="nofollow">Rev 2956 -- TODO or not TODO, that&#039;s the question (#LEMONDAP-584)</a> by clement_oudot (2013/10/08 16:23)</div></li></ul>
<ul class="rss"><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2974" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2974" rel="nofollow">Rev 2974 -- UserDBWebID seems to be finished</a> by guimard (2013/10/13 14:33)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2973" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2973" rel="nofollow">Rev 2973 -- Remove debug line</a> by guimard (2013/10/13 14:32)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2972" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2972" rel="nofollow">Rev 2972 -- AuthWebID seems to be ready...</a> by guimard (2013/10/13 14:15)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2971" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2971" rel="nofollow">Rev 2971 -- Use user* methods instead of lmLog for user actions (can ...</a> by guimard (2013/10/13 14:15)</div></li><li><div class="li"><a href="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2970" class="urlextern" title="http://websvn.ow2.org/revision.php?repname=lemonldap&amp;path=%2F&amp;isdir=1&amp;rev=2970" rel="nofollow">Rev 2970 -- Split tests: certificate can exist without having wanted attribute</a> by guimard (2013/10/13 14:13)</div></li></ul>
</div>
<!-- SECTION "SVN activity" [3372-] --></div><!-- closes <div class="dokuwiki export">-->