Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Latest commit dd70c46
Oct 25, 2011
|Failed to load latest commit information.|
This repository contains a number of java packages for deploying WebID in servlet containers. This code is proof of concept code and not tuned for serious use. You need to set-up tomcat by following the procedure written out here: http://blogs.oracle.com/bblfish/entry/how_to_setup_tomcat_as This will request client certificates on connection, and will make sure the usual TLS CA verification mechanism is bypassed. The packages to be found here are: foafssl-verifier: The core verification package. foafssl-verifier-sesame: A implementation of verification using the Sesame rdf store foafssl-filter: A Servlet Filter that captures the certificate information from the attributes passed to the servlet X509Certificate certs = (X509Certificate) req .getAttribute("javax.servlet.request.X509Certificate"); and verifies the authentication using the foafssl-verifier packages foafssl-identity-provider: foafssl-identity-provider-webapp: An Identity Provider WebApp as a demo application. This example app is a redirector. It allows one application server to specialise in logging in users, and it redirects them to the main server. This is a very particular application of WebID. A fully enabled WebID application should do the authentciation itself, as this will be a lot more efficient, and improve the user experience. keygen: This contains the functionality to allow web apps to create keys for keygen enabled browsers and IE inbuilt ActiveX conrol WebID is integrated much more closely in the bblfish branch of Clerezza which you can find https://github.com/bblfish/clerezza That shows how certificate creation can be tied into user accounts, how authentication works, contains a test suite, and allows authentication of WebID users without giving them an account.