Skip to content

digitalbazaar/webid-demo

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 

Repository files navigation

WebID Demo
==========

A demonstration implementation of using the WebID protocol to perform
login on a website without the need for browser-based client-certificate
support.

Introduction
------------

This is an experimental implementation of the WebID protocol. Typically,
WebID requires there to be native browser support for client-side 
certificates in web browsers. This particular implementation of WebID
does not require any native browser support. JavaScript is used to 
perform all of the cryptography support while Flash is used to perform
cross-domain socket communication. Over time, we expect the Flash requirement
to go away and pure JavaScript to drive the WebID login process as 
native socket support in Web Browsers is improved. The benefit to 
this approach is that the website stays in control of the entire login 
process instead of relegating the login flow to a, depending on the browser, 
bad UI.

Getting Started
---------------

### Requirements

* Apache2
* PHP5
* librdf (redland)
* Apache2 Flash Socket Policy Module
* Forge
* nodejs

* You will need to replace "webid.digitalbazaar.com" with your provider domain
in both the provider and verifier code.
* You will need to replace "payswarm.com" with your verifier domain in both
the provider and verifier code.

### Setting up Apache2

* Follow the instructions in the Forge README for adding mod_fsp to your
Apache install. This will enable cross-domain communication between your
provider and verifier.

### Setting up the Provider

* The provider will need the Forge JavaScript libraries
  https://github.com/digitalbazaar/forge
* Place the forge javascript and swf into the provider/forge directory.
* The provider will need to serve the provider/ directory.

### Setting up the Verifier

* The verifier will need to serve the verifier/ directory.
* To support WebSocket login, the verifier will need the Forge
  JavaScript libraries and node.js
* Place the forge javascript into the verifier/websocket/forge directory.
* To run the node.js websocket server, from the websocket directory,
  run: <nodejs binary> nodejs-ws-webid.js \
  -p <port> --key <privateKey> --cert <certificate>

### Performing a Test Login

* First, using a web browser, navigate to the provider server and create
a WebID.
* Second, navigate to the verifier server and follow the on screen
instructions to attempt a login using your created WebID.