W3C home > Mailing lists > Public > public-webid@w3.org > June 2014

Re: Loosely Coupled Identification and Authentication Demo

From: Kingsley Idehen <kidehen@openlinksw.com>
Date: Sun, 29 Jun 2014 19:19:11 -0400
Message-ID: <53B09EEF.1040606@openlinksw.com>
To: Peter Williams <home_pw@msn.com>, "public-rww@w3.org" <public-rww@w3.org>, "public-webid@w3.org" <public-webid@w3.org>
On 6/29/14 6:35 PM, Peter Williams wrote:
> can we add an “community of interest” IDP to the list?
>
> at https://login.windows.net/rapmlsqa.com there is another OAUTH IDP, 
> openid connect enabled.

OpenID Connect, Active Directory, Keberos, and SAML will soon be added. 
LDAP (via ldap: scheme URIs in cert. san)  is already there, but not 
obvious just yet, all you do is upload the x.509 cert to your LDAP 
server account and WebID-TLS works via our implementation of the protocol.
>
>
> See 
> http://leastprivilege.com/2014/06/12/using-discovery-and-katana-middleware-to-write-an-openid-connect-web-client/ 
> - 
> <http://leastprivilege.com/2014/06/12/using-discovery-and-katana-middleware-to-write-an-openid-connect-web-client/%20-> 
> a discovery method for the various oauth URIs, should one input 
> andy@rapmlsqa.com <mailto:andy@rapmlsqa.com> in a identifier box 
> intended for the million IDPs of office 365 world. Various signed 
> JSON-P tokens back, suitable for  user profiling, or getting API 
> tokens in the name of the original user, etc.

You can add OAuth servers to the back-end configuration re. VAL 
(Virtualized Authenication Layer), the "more" button exposed list isn't 
fixed, that's just all I have configured.


Kingsley

>
> ill guess there is a parallel google initiative, all coordinated by 
> the US NSTIC and its nefarious aims for “cooperative vendors”. Im 
> supportive, providing the US stuff boots assurance in peer-peer 
> identity, which then takes “systemic OECD-wide security policies” into 
> account.
>
> *From:* Kingsley Idehen <mailto:kidehen@openlinksw.com>
> *Sent:* ‎Sunday‎, ‎June‎ ‎29‎, ‎2014 ‎2‎:‎38‎ ‎PM
> *To:* public-rww@w3.org <mailto:public-rww@w3.org>, 
> public-webid@w3.org <mailto:public-webid@w3.org>
> *Cc:* peter Msn <mailto:home_pw@msn.com>
>
> All,
>
> Simple example of loosely coupled identification and authentication.
> Basically, I have a simple Access Control List (ACL) that requires you
> to verify your identity using a variety of identifier and authentication
> protocol combos en route to viewing the protected resource (a PNG image).
>
> Note: WebID-TLS and TLS are distinct options i.e., you can use one or
> the other.
>
> Links:
>
> [1]
> http://kingsley.idehen.net/DAV/home/kidehen/Public/RWW-Demos/billionaire-ping-pong.png
>
> -- 
> Regards,
>
> Kingsley Idehen
> Founder & CEO
> OpenLink Software
> Company Web: http://www.openlinksw.com
> Personal Weblog 1: http://kidehen.blogspot.com
> Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen 
> <http://www.openlinksw.com/blog/%7Ekidehen>
> Twitter Profile: https://twitter.com/kidehen
> Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
> LinkedIn Profile: http://www.linkedin.com/in/kidehen
> Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
>
>


-- 
Regards,

Kingsley Idehen	
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog 1: http://kidehen.blogspot.com
Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen
Twitter Profile: https://twitter.com/kidehen
Google+ Profile: https://plus.google.com/+KingsleyIdehen/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this


Received on Sunday, 29 June 2014 23:19:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:05:55 UTC