https://github.com/linkeddata/mod_authn_webid
WebID authentication module for Apache 2
https://github.com/linkeddata/mod_authn_webid
Last synced: 4 months ago
JSON representation
WebID authentication module for Apache 2
- Host: GitHub
- URL: https://github.com/linkeddata/mod_authn_webid
- Owner: linkeddata
- License: mit
- Created: 2011-10-27T02:27:24.000Z (over 14 years ago)
- Default Branch: master
- Last Pushed: 2012-11-09T00:48:25.000Z (over 13 years ago)
- Last Synced: 2024-04-16T00:08:25.902Z (about 2 years ago)
- Language: C
- Homepage: http://www.w3.org/2005/Incubator/webid/spec/
- Size: 167 KB
- Stars: 6
- Watchers: 5
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.html
- License: LICENSE
Awesome Lists containing this project
README
WebID FOAF+SSL authentication module for Apache 2
The latest version of this module can be found at:
- http://dig.csail.mit.edu/2009/mod_authn_webid/
- https://svn.csail.mit.edu/dig/2009/mod_authn_webid/
Visit the W3 ESW wiki for more information about FOAF+SSL:
- http://esw.w3.org/topic/foaf+ssl
Requirements
Release versions of the following packages for your Linux
distribution:
- Apache >=2.2
- mod_ssl
Development versions of the following packages for your Linux
distribution:
- Apache >=2.2 (httpd-devel)
- Redland >=1.0.7 (redland-devel)
- OpenSSL >=0.9.8g (openssl-devel)
Installing
Use the following compilation and installation procedure:
$ autoconf
$ ./configure
$ sudo make install
The 'make install' command calls Apache's apxs utility to create and install
the mod_authn_webid DSO using default Apache module installation parameters.
Configuration Directives
- AuthWebIDAuthoritative
- Set to 'Off' to allow access control to be passed along to lower modules if
the WebID is not known to this module
Sample httpd.conf
LoadModule authn_webid_module modules/mod_authn_webid.soSSLVerifyClient optional_no_ca
# WebID ignored
<Location />
</Location># WebID optional
<Location /public/>
AuthType WebID
Require everyone
AuthWebIDAuthoritative off
</Location># WebID required
<Location /private/>
AuthType WebID
Require valid-user
</Location>
Authentication Details
Clients are verified using the following SPARQL query:
PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>
PREFIX cert: <http://www.w3.org/ns/auth/cert#>
PREFIX rsa: <http://www.w3.org/ns/auth/rsa#>
SELECT ?m ?e ?mod ?exp WHERE {
?key cert:identity <%s>;
rsa:modulus ?m;
rsa:public_exponent ?e.
OPTIONAL { ?m cert:hex ?mod . }
OPTIONAL { ?e cert:decimal ?exp. }
}
%s is substituted by the client's WebID claim.
Matching modulus and exponent triggers successful authentication.
Only hex characters [0-9a-f] are considered for modulus comparison.
The optional clauses maintain compatibility for users with FOAF WebIDs
before the changes to the cert datatypes discussed on foaf-protocols here:
http://lists.foaf-project.org/pipermail/foaf-protocols/2010-March/001857.html
Support
Please visit the issue tracker
for bug reports, feature requests, and other support.
Author
Joe Presbrey
presbrey@csail.mit.edu
$Id: README 28777 2010-04-12 20:49:23Z presbrey $