%META:TOPICPARENT{name="VirtTipsAndTricksGuide"}%
---+ Guide for OpenID+WebID Proxy Service that Enables WebID Exploitation via OpenID
%TOC%
---++What?
Virtuoso OpenID+WebID Proxy Service.
---++Why?
All of our early WebID demonstrations focused on exposing the critical value that WebID brings to OpenID. Basically, that takes the form of eliminating username-and-password-based authentication on the more obvious front, while disambiguating hyperlink-based Names and Addresses on the less obvious front, with Linked Data in mind (i.e., via OpenID you ended up with a URI based global Identifier with the requisite fidelity for InterWeb scale User Centric Identity)
In recent times, we've decoupled many of our WebID implementation layers from both [[http://virtuoso.openlinksw.com/][Virtuoso]] and [[http://ods.openlinksw.com/][ODS]]. The net effects of these actions are:
* HTML-, Windows-, and iOS5-based X.509 certificate generators that deliver certificates bearing WebID watermarks -- [[http://id.myopenlink.net/certgen/][http://id.myopenlink.net/certgen/]]
* HTML-based WebID verifier that enables you quickly verify any WebID -- [[http://id.myopenlink.net/ods/webid_demo.html][http://id.myopenlink.net/ods/webid_demo.html]]
* OpenID+WebID proxy service than enables WebID exploitation via OpenID
---++How?
What follows is a simple step-by guide showcasing the OpenID+WebID proxy service:
1. [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateX509Certificate][Get yourself a WebID]].
2. Visit a space on the InterWeb that supports OpenID-based authentication.
3. When challenged for your WebID URL, simply provide a URL in the following form:
http://id.myopenlink.net/openid-proxy/id.vsp?w={Your-WebID}
* For instance, Kingsley Idehen's OpenID's is [[http://id.myopenlink.net/dataspace/person/KingsleyUyiIdehen][http://id.myopenlink.net/dataspace/person/KingsleyUyiIdehen]] and Kingsley Idehen's WebID's is [[http://id.myopenlink.net/dataspace/person/KingsleyUyiIdehen#this][http://id.myopenlink.net/dataspace/person/KingsleyUyiIdehen#this]], so the provided URL could be:
http://id.myopenlink.net/openid-proxy/id.vsp?w=http://id.myopenlink.net/dataspace/person/KingsleyUyiIdehen#this
---+++Observations
You will notice that you are able to use OpenID without username-and-password-based authentication. You simply present your X.509 certificate, and that's it.
---+++Why is this important?
WebID is best understood and appreciated when experienced as a complementary enhancement of what exists.
Here is a sequence of screenshots that showcase OpenID+WebID using the decoupled proxy service we now provide, distinct from the ODS instances used in our much earlier implementation demos:
---++++Example
1. Load [[http://openid-demo.appspot.com/][http://openid-demo.appspot.com/]] in your web browser.
%BR%%BR%
%BR%%BR%
1. Enter your WebID:
%BR%%BR%
%BR%%BR%
1. When challenged for certificate authorization, select your X.509 certificate:
%BR%%BR%
%BR%%BR%
1. You should be redirected to Virtuoso OpenID Authentication Service Endpoint, asking you how to proceed further. Click Accept:
%BR%%BR%
%BR%%BR%
1 Finally, you should be successfully logged in:
%BR%%BR%
%BR%%BR%
---++Related
* [[http://www.youtube.com/watch?v=gzqHVUb3qrw&feature=share][Power of WebID + OpenID Hybrid Protocol via Internet Explorer & Windows]]
* [[http://www.youtube.com/watch?v=eXoxUo7Py4M&feature=share][Using Safari to Demonstrate WebID + OpenID Hybrid Protocol Power!]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSWebIDIdP][Using Virtuoso's WebID Verification Proxy Service with a WebID-bearing X.509 certificate]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSWebIDIdpProxy][Using Virtuoso's WebID Identity Provider (IdP) Proxy Service with an X.509 certificate]]
* [[VirtSPARQLSecurityWebID][WebID Protocol & SPARQL Endpoint ACLs Tutorial]]
* [[VirtSPARQLEndpointProtection][Safeguarding your Virtuoso-hosted SPARQL Endpoint]]
* [[VirtTipsAndTricksGuideSPARQLEndpointProtection][SPARQL Endpoint Protection Methods Collection]]
* [[http://docs.openlinksw.com/virtuoso/][Virtuoso documentation]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpoint][SPARQL Service Endpoint]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#rdfsupportedprotocolendpointuri][Service Endpoint Security]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html#sparqwebservicetbl][Managing a SPARQL Web Service Endpoint]]
* [[http://docs.openlinksw.com/virtuoso/rdfsparql.html][SPARQL]]
* [[VirtTipsAndTricksGuide][Virtuoso Tips and Tricks Collection]]
* [[VirtSPARQLDET][SPARQL Endpoint DET Configuration Guide]]
* [[VirtOAuthSPARQL][SPARQL OAuth Tutorial]]
* [[VirtTipsAndTricksGuideSPARQLEndpoints][Securing SPARQL endpoints]]
* [[http://ods.openlinksw.com/wiki/ODS/OdsSPARQLAuth][SPARUL over SPARQL using the http://cname:port/sparql-auth endpoint]]
* [[VirtAuthServerUI][Virtuoso Authentication Server UI]]
* [[VirtSPARQLSSL][Manage a SPARQL-WebID based Endpoint]]
* [[VirtSetupSSL][Configure Virtuoso instance as an X.509 Certificate Authority and HTTPS listener]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSSetupSSL][Configure Virtuoso+ODS instance as an X.509 Certificate Authority and HTTPS listener]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtODSSecurityWebID][WebID Protocol Support in OpenLink Data Spaces]].
* Manage ODS Datadspaces Objects WebID Access Control Lists (ACLs):
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebID][ODS Briefcase WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDPerson][Person Entity WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDGroup][Group Entity WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDPublic][Public WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACL][ODS Feed Manager WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSFeedManagerWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACL][ODS Calendar WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSCalendarWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACL][ODS Bookmark Manager WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBookmarksWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACL][ODS Addressbook WebID based ACL Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACLPerson][Person Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACLGroup][Group Entity Specific ACL]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSAddressBookWebIDACLPublic][Public Specific ACL for anyone with a WebID]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSPkiSetup][Guide for Set up a X.509 certificate issuer and HTTPS listener and generate ODS user certificates.]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtODSPubSubHub][Setting up PubSubHub in ODS]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtPubSubHub][PubSubHubBub Demo Client Example]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtFeedPubSubHub][Feed subscription via PubSubHub protocol Example ]]
* [[http://ods.openlinksw.com/wiki/ODS/VirtPubSubHubACL][Setting Up PubSubHub to use WebID Protocol or IP based control lists]]
* [[http://ods.openlinksw.com/wiki/ODS/OdsKeyImport][CA Keys Import using Conductor]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateX509Certificate][Generate an X.509 Certificate hosted WebID Guide]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateWebIDX509CertOSKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by host operating system keystore]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSGenerateWebIDX509CertBrsKeystore][Generate an X.509 Certificate (with a WebID watermark) to be managed by a browser-based keystore]]
* [[http://ods.openlinksw.com/wiki/ODS/ODSBriefcaseWebIDShareFile][ODS Briefcase WebID Protocol Share File Guide]]
* [[http://esw.w3.org/topic/foaf+ssl][WebID Protocol Specification]]
* [[https://foaf.me/simpleLogin.php][Test WebID Protocol Certificate page]]
* [[http://test.foafssl.org/cert/][WebID Protocol Certificate Generation page]]
* [[http://openid4.me/][openid4.me]] -- An early WebID+OpenID implementation that isn't currently functional, but still provides good insights into the inner workings of WebID+OpenID
* [[http://openid-demo.appspot.com/][A nice OpenID service for testing the prowess of OpenID+WebID]]
* An WebID+OpenID protocol demo using ODS ...
* [[http://www.youtube.com/watch?v=mjgXsjd8PDE][... through Firefox on Mac OS X]]
* [[http://www.youtube.com/watch?v=eXoxUo7Py4M][... through Safari on Mac OS X]]
* [[http://www.youtube.com/watch?v=gzqHVUb3qrw][... through IE on Windows]]
* [[http://goo.gl/oBYFD][Using WebID from an iOS5 device (iPhone or iPad) with Twitter as the Identity Provider (IdP) service]]