W3C home > Mailing lists > Public > public-xg-webid@w3.org > December 2011

webid to openid to azure to shib

From: Peter Williams <home_pw@msn.com>
Date: Fri, 23 Dec 2011 08:17:55 -0800
Message-ID: <SNT143-W60D7A71C0F1A669C28C6C692AB0@phx.gbl>
To: "public-xg-webid@w3.org" <public-xg-webid@w3.org>, <kidehen@openlinksw.com>




Kingsley's team has made a working run of webid -> openid -> ws-fedp, using Microsoft Azure' STS service as the bridge. Both of my certs (same key) with different webid (one pointing at a turtle file, one pointing an a blog page) work, and induce Microsoft Azure cloud STS to release a signed SAML token (evil XML with xml/dsig, of  course) to an assertion consuming service. To make it a better demo (and one that can be public), we really now need someone from the academic Shib community to join in. We need someone (ideally tied into the internet2 or UK equivalent projects) with a public Shib endpoint to first complete an Azure IDP to Shib SP interworking demo, using the production ADFS (ws-fedp) feature of the Shib 2.0 software. Then, we hook the two ends of the pipe together. There seems no reason why one cannot use webid to get access to the Shib world, at this point. Ill put up a demo website myself on Azure, later. I dont have any funds to pay for the compute hours, to keep the image operational. If somebody else wants to go get a trial Azure license (and some compute hours),  perhaps you can let me use it. A tiny image is fine. Ive already used my trial rights from Microsoft more than once (and I cannot abuse their goodwill any more...) For now, we will have to settle for an openid demo, with webid as the challenge. at https://openid.net/foundation/members/registration I used the following "openid" http://id.myopenlink.net/openid-proxy/id.vsp?w=http://yorkporc.blogspot.com/%23 as that is a pain, I just made a shorter http://tinyurl.com/pwopenid
Kingsley's ods system receives the openid request, challenges using webid, does ods magic (beyond my comprehension) concerning the semantic web, and returns an openid response to the openid foundation's registration page. i Do NOT have an account on the ODS system (as far as I know), and the ODS service is essentially a public bridge, for an webid <-> openid interworking.    		 	   		  
Received on Friday, 23 December 2011 16:18:33 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 23 December 2011 16:18:36 GMT