- From: Jürgen Jakobitsch <j.jakobitsch@semantic-web.at>
- Date: Mon, 02 Jan 2012 14:06:35 +0100 (CET)
- To: "public-xg-webid@w3.org XG" <public-xg-webid@w3.org>
hi, just to give you an example there are two usage scenarios supported by WebIDRealm following : 1. use virtuoso to store roles information 1.1. mode = DEREFERENCE_ONLY - Extend a WebIDDatabaseFactoryBase [1] [2] class that creates a Virtuoso Sail Repository using virtuoso's Sail implementation. - Set the role-graph-uri for the roles-graph in tomcat's server.xml (where the Factory is defined) - Set mode to DEREFERENCE_ONLY (in tomcat's server.xml) WebIDRealm will try to dereference the WebIDClaim over http and lookup associated role in the roles-graph in virtuoso. If the WebIDClaim is in the required role for a certain webapp-resource access is granted. 2. use virtuoso to store roles and webid information 1.2. mode = DEREFERENCE_NO - this would be the usage scenario for ultra secure intranets, where there's no connection to data from outer space. - Extend a WebIDDatabaseFactoryBase [1] [2] class that creates a Virtuoso Sail Repository using virtuoso's Sail implementation. - Set the roles-graph-uri for the roles-graph in tomcat's server.xml (please note that the roles should be in a separate graph where users don't have access to.) - Set the user-graph-uri for the users-graph in tomcat's server.xml (this would be the graph where all foaf-statements and cert:key statements are stored) - Set mode to DEREFERENCE_NO (in tomcat's server.xml) WebIDRealm will look for the WebIDClaims from the certificate only in users-graph in virtuoso and check associated roles in the roles-graph in virtuoso. In this setup it is possible to use any uri as WebID. wkr http://www.turnguard.com/turnguard [1] please note that javadocs will follow soon (this week) [2] please note that the source on sourceforge will be updated soon (this week) (currently only the old version is available) -- | Jürgen Jakobitsch, | Software Developer | Semantic Web Company GmbH | Mariahilfer Straße 70 / Neubaugasse 1, Top 8 | A - 1070 Wien, Austria | Mob +43 676 62 12 710 | Fax +43.1.402 12 35 - 22 COMPANY INFORMATION | http://www.semantic-web.at/ PERSONAL INFORMATION | web : http://www.turnguard.com | foaf : http://www.turnguard.com/turnguard | skype : jakobitsch-punkt
Received on Monday, 2 January 2012 13:07:04 UTC