W3C home > Mailing lists > Public > public-xg-webid@w3.org > January 2012

WebIDRealm - Modes - UsageScenarios

From: Jürgen Jakobitsch <j.jakobitsch@semantic-web.at>
Date: Mon, 02 Jan 2012 14:06:35 +0100 (CET)
To: "public-xg-webid@w3.org XG" <public-xg-webid@w3.org>
Message-ID: <5991825d-25de-4c26-a78b-0672210a04b5@zcs>
hi,

just to give you an example there are two usage scenarios supported by WebIDRealm following :

1. use virtuoso to store roles information
   1.1. mode = DEREFERENCE_ONLY

        - Extend a WebIDDatabaseFactoryBase [1] [2] class that creates a Virtuoso Sail Repository using virtuoso's Sail implementation.
        - Set the role-graph-uri for the roles-graph in tomcat's server.xml (where the Factory is defined)
        - Set mode to DEREFERENCE_ONLY (in tomcat's server.xml)

        WebIDRealm will try to dereference the WebIDClaim over http and lookup associated role in the roles-graph in virtuoso.
        If the WebIDClaim is in the required role for a certain webapp-resource access is granted.

2. use virtuoso to store roles and webid information
   1.2. mode = DEREFERENCE_NO

        - this would be the usage scenario for ultra secure intranets, where there's no connection to data from outer space.
        - Extend a WebIDDatabaseFactoryBase [1] [2] class that creates a Virtuoso Sail Repository using virtuoso's Sail implementation.
        - Set the roles-graph-uri for the roles-graph in tomcat's server.xml (please note that the roles should be in a separate graph
          where users don't have access to.)
        - Set the user-graph-uri for the users-graph in tomcat's server.xml (this would be the graph where all foaf-statements and cert:key
          statements are stored)
        - Set mode to DEREFERENCE_NO (in tomcat's server.xml)
    
        WebIDRealm will look for the WebIDClaims from the certificate only in users-graph in virtuoso and check associated roles in the roles-graph
        in virtuoso.
        In this setup it is possible to use any uri as WebID.


wkr http://www.turnguard.com/turnguard


[1] please note that javadocs will follow soon (this week)
[2] please note that the source on sourceforge will be updated soon (this week) (currently only the old version is available)

-- 
| Jürgen Jakobitsch, 
| Software Developer
| Semantic Web Company GmbH
| Mariahilfer Straße 70 / Neubaugasse 1, Top 8
| A - 1070 Wien, Austria
| Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22

COMPANY INFORMATION
| http://www.semantic-web.at/

PERSONAL INFORMATION
| web   : http://www.turnguard.com
| foaf  : http://www.turnguard.com/turnguard
| skype : jakobitsch-punkt
Received on Monday, 2 January 2012 13:07:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 2 January 2012 13:07:05 GMT