WebID

Authentication Users Password

Presentation

WebID is a way to uniquely identify a person, company, organisation, or other agent using a URI and a certificate.

You need Web::ID package.

Configuration

In Manager, go in General Parameters > Authentication modules and choose WebID for authentication module. You can also use WebID as user database.

Then, go in WebID parameters:

  • Authentication level: authentication level for this module.
  • WebID whitelist: list of space separated hosts granted to host FOAF document. You can use '*' character. Example :
    *.partner.com

If you use WebID as user database, declare values in exported variables :

  • use any key name you want. If you want to refuse access when a data is missing, just add a “!” before the key name
  • in the value field, set the field name. Take a look at http://xmlns.com/foaf/spec/#sec-crossref. Example :
    name => foaf:name

See also exported variables configuration.

Apache configuration

Portal host must be configured to use SSL and must ask for client certificate. It is recommended to use optional_no_ca since WebID doesn't use certificate authorities :

<VirtualHost _default_:443>
ServerName auth.example.com
SSLEngine on
SSLCertificateFile ...
SSLCertificateKeyFile ...
SSLVerifyClient optional_no_ca
...
</VirtualHost>

Tests

To test this, you can build your own WebID certificate using one of :