Re: WebIDTestServer updated

On 23 Jan 2012, at 20:32, Jürgen Jakobitsch wrote:

> hi,
> 
> 1. i have updated WebIDTestServer [1] to throw an DereferenceException,
> when there's a non-#-uri and the server response is 200 OK and
> HttpURLConnection.getURL() is still the same (no redirect took place).

We still have not quite worked out what the dangers to authentication 
are if confusion arises, other than saying that it is confusing and
crackers always attempt to use confusion to reach their aims. But of course
not all deviance from strictness is equally problematic.  

So at this stage it may be better I think to flag a warning rather than
an error. The fact that you notice this is pretty good. 

> 
> it might not be a perfect solution but does it right now, with only one
> connection.
> 
> 2. i have successfully tested a setup of webIDRealm  with a virtuoso server as backend.
>   in my test setup there's one userGraph and one rolesGraph in virtuoso.
>   the userGraph contains WebIDProfiles, the rolesGraph contains information
>   about the roles one user is a member of.
> 
>   i tested with WebIDRealm's DEREFERENCE_NO - mode, which will look for
>   statements about a WebIDClaim only in the underlying Repository, which
>   in this case was a virtuoso server, reached via virtuoso's sesame adapter.
> 
>   one of the advantages of this setup is that one can control access
>   to more or less any number of tomcats from one single virtuoso.

Very nice. 

( Btw. I get an SSL connection exception when connecting to your site. ) 


	Henry


> 
> wkr j
> 
> [1] http://webid.turnguard.com/WebIDTestServer/
> 
> --
> | Jürgen Jakobitsch,
> | Software Developer
> | Semantic Web Company GmbH
> | Mariahilfer Straße 70 / Neubaugasse 1, Top 8
> | A - 1070 Wien, Austria
> | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22
> 
> COMPANY INFORMATION
> | http://www.semantic-web.at/
> 
> PERSONAL INFORMATION
> | web       : http://www.turnguard.com
> | foaf      : http://www.turnguard.com/turnguard
> | skype     : jakobitsch-punkt
> | xmlns:tg  = "http://www.turnguard.com/turnguard#"
> 
> 

Social Web Architect
http://bblfish.net/

Received on Monday, 23 January 2012 20:22:21 UTC