W3C home > Mailing lists > Public > public-xg-webid@w3.org > August 2011

Re: web-id starter question

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Tue, 2 Aug 2011 11:33:36 +0200
Message-ID: <CAKaEYhKfuzjbkKDnedUrATHXe8F3HPt0Ny=imX8d421diPr00g@mail.gmail.com>
To: Jürgen Jakobitsch <j.jakobitsch@semantic-web.at>
Cc: WebID XG <public-xg-webid@w3.org>, Akbar Hossain <akkiehossain@gmail.com>
On 2 August 2011 10:05, Jürgen Jakobitsch <j.jakobitsch@semantic-web.at> wrote:
> hi,
>
> first off : congrats to this great project, i set up my web-id without any hassle
> and it is very much to my liking.

Great! :)

> i'm a complete newbie with ssl, web-id and stuff..., so please excuse my ignorance...
>
> i of course want now want to develop some showcase and demo in our company, so my
> questions are :
>
> 1. is there a best practice regarding usage of an idp like https://auth.fcns.eu/?
>
> the thing is, i don't really understand, what i should do with the response from
> an idp.
>
> in a servlet for example an if(request.getParameter("error")==null && request.getParameter("webid")!=null && request.getHeader("referer")=="http://idp.org"){
>   logIn = true;
> }
>
> doesn't seem ok to me.
>
> is there an example?

I think you need to verify the signature.  For example in PHP you can use:

http://php.net/manual/en/function.openssl-verify.php

Henry probably has some code in java for this.

>
>
> 2. on the other hand i'm trying to get a ssl-tomcat up and running and be asked by a servlet to choose
> one of my certificates.
> amongst other guides, i tried this one http://virgo47.wordpress.com/2010/08/23/tomcat-web-application-with-ssl-client-certificates/
> without much of a success. i'm quite sure, i'm missing something...
>
> any gentle pointer into the right direction is greatly appreciated.
>
> wkr jürgen
>
> p.s.:
>
> logging in to http://foaf.me/ sometimes gives me strange results. besides taking very long,
> i'm sometimes presented with wrong data, like
> (right upper corner) logout http://some.uri.that.is.not.mine

I no longer look after foaf.me, but I've cc'd Akbar who runs the server.

>
> or
>
> Unknown FOAF format
> http://semantictweet.com/therealcrailtap
> powered by FOAF.Vix 1.0
>
> in the "me" tab.
>
> --
> punkt. netServices | Semantic Web Company
> ______________________________
> Jürgen Jakobitsch
> Codeography
>
> Lerchenfelder Gürtel 43 Top 5/2
> A - 1160 Wien
> Tel.: 01 / 897 41 22 - 29
> Fax: 01 / 897 41 22 - 22
>
> http://www.punkt.at | http://www.semantic-web.at
>
> web   : http://www.turnguard.com
> foaf  : http://www.turnguard.com/turnguard
> skype : jakobitsch-punkt
>
>
>
>
>
Received on Tuesday, 2 August 2011 09:34:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 August 2011 09:34:04 GMT