WebID

WebID is a way to uniquely identify a person, company, organisation, or other agent using a URI and a certificate.

You need Web::ID package.

In Manager, go in General Parameters > Authentication modules and choose WebID for authentication module. You can also use WebID as user database.

Then, go in WebID parameters:

• Authentication level: authentication level for this module.
• WebID whitelist: list of space separated hosts granted to host FOAF document. You can use '*' character. Example :

  *.partner.com

If you use WebID as user database, declare values in exported variables :

• use any key name you want. If you want to refuse access when a data is missing, just add a "!" before the key name
• in the value field, set the field name. Take a look at http://xmlns.com/foaf/spec/#sec-crossref. Example :

  name => foaf:name

See also exported variables configuration.

Portal host must be configured to use SSL and must ask for client certificate. It is recommended to use optional_no_ca since WebID doesn't use certificate authorities :

<VirtualHost _default_:443>
ServerName auth.example.com
SSLEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
SSLVerifyClient optional_no_ca
...
</VirtualHost>

To test this, you can build your own WebID certificate using one of :

• Web::ID::Certificate::Generator
• my-profile.eu
• gen-webid-cert.sh