FusionForge

Difference between revisions of "Auth WebID Plugin"

From FusionForge Wiki
Jump to: navigation, search
m (add availibity release version)
m (add wikipedia link)
 
Line 3: Line 3:
 
|directory=authwebid
 
|directory=authwebid
 
|description=
 
|description=
This <tt>authwebid</tt> plugin allows [http://en.wikipedia.org/wiki/Single_Sign-On SSO] with "one-clik" through the use of WebID. Plugin available since FusionForge 5.3.x .
+
This <tt>authwebid</tt> plugin allows [http://en.wikipedia.org/wiki/Single_Sign-On SSO] with "one-clik" through the use of [http://en.wikipedia.org/wiki/WebID#WebID_Protocol WebID]. Plugin available since FusionForge 5.3.x .
 
|maintainer_list=
 
|maintainer_list=
 
|status=maintained  
 
|status=maintained  

Latest revision as of 20:13, 8 April 2013

Name
Auth WebID Plugin
Description
This authwebid plugin allows SSO with "one-clik" through the use of WebID. Plugin available since FusionForge 5.3.x .
Directory
/plugins/authwebid
Plugin Changelog
Plugin Changelog for authwebid
Maintainer(s)
Status
maintained
Compatibility
Matrix by Fusionforge Version and by Linux Distribution
distribution\version 4.8.x 5.0.x 5.1.x 5.2.x 5.3.x 6.0.x master
Debian undefined undefined undefined undefined undefined undefined undefined
CentOS undefined undefined undefined undefined undefined undefined undefined



WebID is a proposed standard to integrate the use of SSL client certs and FOAF (to describe a person's profile) in order to provide an authentication "token" for Web services.

This authwebid plugin allows SSO with "one-clik" through the use of WebID.

The principle is to bind existing fusionforge user accounts to URIs (the WebIDs in question), and to delegate to a third party WebID identity provider the responsability to verify the authentication with these WebIDs.

The admin of the forge must then trust that WebID Identity Provider (IdP) to properly verify the user's SSL client cert associated to that WebID (see the WebID specs for the principles of WebID's use of SSL client certs).

Popular WebID Idp are foafssl.org and auth.my-profile.eu.

The plugin relies on the WebIDDelegatedAuth library which embeds the necessary bits to check the IdP's response.

For those used to OpenID or BrowserID, it's more or less the same principle, but under the hood, WebID uses Semantic Web standards like RDF (FOAF) and SSL certs, is distributed by mature, rendering authentication less prone to monopolies (among other nice properties).

The code was committed to the trunk, but works on 5.2.

See the corresponding initial feature request : #311 Provide a WebID authentication plugin