Author: prabath
Date: Tue Apr 15 03:06:09 2008
New Revision: 15671
Log:
documentation added/updated
Added:
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide2.xml
Modified:
trunk/solutions/identity/modules/documentation/src/site/site.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_administratorguide.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/index.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/index_docs.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/installation_guide.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/op_administratorguide.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/release-notes.xml
trunk/solutions/identity/modules/documentation/src/site/xdoc/rp_developer_guide.xml
Modified: trunk/solutions/identity/modules/documentation/src/site/site.xml
==============================================================================
--- trunk/solutions/identity/modules/documentation/src/site/site.xml
(original)
+++ trunk/solutions/identity/modules/documentation/src/site/site.xml Tue Apr
15 03:06:09 2008
@@ -22,8 +22,7 @@
<item name="Home" href="index.html"/>
</menu>
<menu name="Downloads">
- <item name="Releases"
-
href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@"/>
+ <item name="Releases"
href="http://wso2.org/downloads/solutions/identity"/>
</menu>
<menu name="Documentation" href="index_docs.html">
<item name="Installation Guide" href="installation_guide.html"/>
@@ -33,6 +32,7 @@
<item name="mod_cspace Configuration Guide"
href="mod_cspace_config.html"/>
<item name="Relying Party Developer Guide - I"
href="rp_developer_guide.html"/>
<item name="Relying Party Developer Guide - II"
href="oprp_developer_guide.html"/>
+ <item name="Relying Party Developer Guide - III"
href="oprp_developer_guide2.html"/>
<item name="Idp User Guide" href="idp_userguide.html"/>
<item name="OpenID User Guide" href="op_userguide.html"/>
</menu>
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_administratorguide.xml
==============================================================================
---
trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_administratorguide.xml
(original)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/idp_administratorguide.xml
Tue Apr 15 03:06:09 2008
@@ -19,7 +19,7 @@
<html xmlns="http://www.w3.org/1999/xhtml";>
<body>
<p>[<a
-href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@";>Download</a>]
+href="http://wso2.org/downloads/solutions/identity";>Download</a>]
| [<a href="index_docs.html">Documentation Index</a>] | [<a
href="release-notes.html">Release Note</a>]</p>
Modified: trunk/solutions/identity/modules/documentation/src/site/xdoc/index.xml
==============================================================================
--- trunk/solutions/identity/modules/documentation/src/site/xdoc/index.xml
(original)
+++ trunk/solutions/identity/modules/documentation/src/site/xdoc/index.xml
Tue Apr 15 03:06:09 2008
@@ -19,10 +19,10 @@
<body>
<h1>Welcome to WSO2 Identity Solution, [EMAIL PROTECTED]@</h1>
-<h2>April 07th, 2008 - WSO2 Identity Solution , [EMAIL PROTECTED]@
Released!</h2>
+<h2>April 08th, 2008 - WSO2 Identity Solution , [EMAIL PROTECTED]@
Released!</h2>
<p>[<a
-href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@";>Download</a>]
+href="http://wso2.org/downloads/solutions/identity";>Download</a>]
| [<a href="index_docs.html">Documentation Home</a>] | [<a
href="release-notes.html">Release Note</a>]</p>
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/index_docs.xml
==============================================================================
--- trunk/solutions/identity/modules/documentation/src/site/xdoc/index_docs.xml
(original)
+++ trunk/solutions/identity/modules/documentation/src/site/xdoc/index_docs.xml
Tue Apr 15 03:06:09 2008
@@ -17,7 +17,7 @@
<html xmlns="http://www.w3.org/1999/xhtml";>
<body>
<p>[<a
-href="http://dist.wso2.org/products/wsas/java/@wso2is_version@";>Download</a>]
+href="http://wso2.org/downloads/solutions/identity";>Download</a>]
| [<a href="index_docs.html">Documentation Home</a>] | [<a
href="release-notes.html">Release Note</a>]</p>
@@ -40,7 +40,9 @@
<li><a href="rp_developer_guide.html">Relying Party Developer Guide - I</a>
-
Describes how to enable InfoCard login for websites using our
components.</li>
<li><a href="oprp_developer_guide.html">Relying Party Developer Guide -
II</a> -
- Describes how to enable OpenID and OpenID InfoCard login for websites using
our components.</li>
+ Describes how to enable OpenID with Simple Registration and OpenID InfoCard
login for websites using our components.</li>
+ <li><a href="oprp_developer_guide2.html">Relying Party Developer Guide -
III</a> -
+ Describes how to enable OpenID login with OpenID Attribute Exchange and
OpenID Provider Authentication Policy Extension for websites using our
components.</li>
</ul>
<strong>For IdP Users</strong>
<ul>
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/installation_guide.xml
==============================================================================
---
trunk/solutions/identity/modules/documentation/src/site/xdoc/installation_guide.xml
(original)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/installation_guide.xml
Tue Apr 15 03:06:09 2008
@@ -1,94 +1,99 @@
-<!--
- ~ Copyright 2005-2007 WSO2, Inc. (http://wso2.com)
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
- "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";>
-<html xmlns="http://www.w3.org/1999/xhtml";>
-<body>
-<p>[<a
-href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@";>Download</a>]
-| [<a href="index_docs.xml">Documentation Home</a>] | [<a
-href="release-notes.html">Release Note</a>]</p>
-<h1>WSO2 Identity Solution, [EMAIL PROTECTED]@ - Installation Guide</h1>
-
-<p>Your feedback on WSO2 Identity Solution is most appreciated. Please send
them to our <a
-href="index.xml#mail">mailing lists.</a></p>
-
-<h2 id="System">System Requirements</h2>
-
-<table border="2">
- <tbody>
- <tr>
- <td>Java Runtime Environment</td>
- <td>1.5 (For instructions on setting up the JRE in different
- operating systems, visit <a
- href="http://java.sun.com";>http://java.sun.com</a>)</td>
- </tr>
- <tr>
- <td>Memory</td>
- <td>256 MB</td>
- </tr>
- <tr>
- <td>Disk</td>
- <td>Approximately 80 MB will be used for the identity provider .zip
- distribution
- </td>
- </tr>
- <tr>
- <td>Operating System</td>
- <td>Tested on Windows XP, Linux - (Ubuntu, Gentoo)</td>
- </tr>
- </tbody>
-</table>
-
-<h1>Installing WSO2 Identity Solution : Identity Provider [EMAIL
PROTECTED]@</h1>
-
-<a name="win"></a>
-
-<h2 id="Installing">Installing on Microsoft Windows</h2>
-
-<p><strong>Note</strong>: Out of Microsoft Windows platforms, the WSO2
Identity
-Solution, [EMAIL PROTECTED]@ release has been successfully tested only on
-Windows XP.</p>
-
-The following steps will take you through the installation for the MS Windows
XP
-operating system.
-
-<ol>
-<li><a
href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@";>
- Download</a> the WSO2 Identity solution binary distribution.</li>
-<li>Extract the zip archive.</li>
-<li>Set the JAVA_HOME environment variable to your Java installation.</li>
-<li>Execute the WSO2 Identity Solution : Identity Provider starting script.
-e.g., C:[EMAIL PROTECTED]@\bin\wso2is.bat</li>
-<li>Check your WSO2 Identity Solution instance using the URL
https://localhost:12443</li>
-</ol>
-
-<h2 id="Installing">Installing on Linux</h2>
-
-<ol>
-<li><a
href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@";>
- Download</a> the WSO2 Identity solution binary distribution.</li>
-<li>Extract the zip archive.</li>
-<li>Set the JAVA_HOME environment variable to your Java installation.</li>
-<li>Execute the WSO2 Identity Solution : Identity Provider starting script.
-e.g., /identity/[EMAIL PROTECTED]@/bin/wso2is start</li>
-<li>Check your WSO2 Identity Solution instance using the URL
https://localhost:12443</li>
-</ol>
-
-<p>For details on the Management Console see <a
- href="idp_administratorguide.html">Administrator's Guide</a></p>
-
-</body>
-</html>
+<!--
+ ~ Copyright 2005-2007 WSO2, Inc. (http://wso2.com)
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+<body>
+<p>[<a
+href="http://wso2.org/downloads/solutions/identity";>Download</a>]
+| [<a href="index_docs.xml">Documentation Home</a>] | [<a
+href="release-notes.html">Release Note</a>]</p>
+<h1>WSO2 Identity Solution, [EMAIL PROTECTED]@ - Installation Guide</h1>
+
+<p>Your feedback on WSO2 Identity Solution is most appreciated. Please send
them to our <a
+href="index.xml#mail">mailing lists.</a></p>
+
+<h2 id="System">System Requirements</h2>
+
+<table border="2">
+ <tbody>
+ <tr>
+ <td>Java Runtime Environment</td>
+ <td>1.5 (For instructions on setting up the JRE in different
+ operating systems, visit <a
+ href="http://java.sun.com";>http://java.sun.com</a>)</td>
+ </tr>
+ <tr>
+ <td>Memory</td>
+ <td>256 MB</td>
+ </tr>
+ <tr>
+ <td>Disk</td>
+ <td>Approximately 80 MB will be used for the identity provider .zip
+ distribution
+ </td>
+ </tr>
+ <tr>
+ <td>Operating System</td>
+ <td>Tested on Windows XP, Linux - (Ubuntu, Gentoo)</td>
+ </tr>
+ </tbody>
+</table>
+
+<h1>Installing WSO2 Identity Solution : Identity Provider [EMAIL
PROTECTED]@</h1>
+
+<a name="win"></a>
+
+<h2 id="Installing">Installing on Microsoft Windows</h2>
+
+<p><strong>Note</strong>: Out of Microsoft Windows platforms, the WSO2
Identity
+Solution, [EMAIL PROTECTED]@ release has been successfully tested only on
+Windows XP.</p>
+
+The following steps will take you through the installation for the MS Windows
XP
+operating system.
+
+<ol>
+<li><a href="http://wso2.org/downloads/solutions/identity";>
+ Download</a> the WSO2 Identity solution binary distribution.</li>
+<li>Extract the zip archive.</li>
+<li>Set the JAVA_HOME environment variable to your Java installation.</li>
+<li>Execute the WSO2 Identity Solution : Identity Provider starting script.
+e.g., C:[EMAIL PROTECTED]@\bin\wso2is.bat</li>
+<li>Check your WSO2 Identity Solution instance using the URL
https://localhost:12443</li>
+</ol>
+
+<h2 id="Installing">Installing on Linux</h2>
+
+<ol>
+<li><a href="http://wso2.org/downloads/solutions/identity";>
+ Download</a> the WSO2 Identity solution binary distribution.</li>
+<li>Extract the zip archive.</li>
+<li>Set the JAVA_HOME environment variable to your Java installation.</li>
+<li>Execute the WSO2 Identity Solution : Identity Provider starting script.
+e.g., /identity/[EMAIL PROTECTED]@/bin/wso2is start</li>
+<li>Check your WSO2 Identity Solution instance using the URL
https://localhost:12443</li>
+</ol>
+
+<p><strong>Note</strong>: You also need to download Java Cryptography
Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0 from
+<a href="http://java.sun.com/javase/downloads/index_jdk5.jsp";>here</a> and
copy the two jar files from the extracted jce directory (local_policy.jar and
US_export_policy.jar) to $JAVA_HOME/jre/lib/security.
+
+</p>
+
+<p>For details on the Management Console see <a
+ href="idp_administratorguide.html">Administrator's Guide</a></p>
+
+</body>
+</html>
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/op_administratorguide.xml
==============================================================================
---
trunk/solutions/identity/modules/documentation/src/site/xdoc/op_administratorguide.xml
(original)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/op_administratorguide.xml
Tue Apr 15 03:06:09 2008
@@ -19,7 +19,7 @@
<html xmlns="http://www.w3.org/1999/xhtml";>
<body>
<p>[<a
-href="http://dist.wso2.org/products/solutions/identity/@wso2is_version@";>Download</a>]
+href="http://wso2.org/downloads/solutions/identity";>Download</a>]
| [<a href="index_docs.html">Documentation Index</a>] | [<a
href="release-notes.html">Release Note</a>]</p>
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide.xml
==============================================================================
---
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide.xml
(original)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide.xml
Tue Apr 15 03:06:09 2008
@@ -24,7 +24,7 @@
<h2>Introduction</h2>
This servlet filter
org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyFilter
can be used with a servlet based web application to provide information card
and OpenID
-login to that application.The Part II of this guide explains how you can add
OpenID and OpenID Information Card support to
+login to that application.The Part II of this guide explains how you can add
OpenID with Simple Registration and OpenID Information Card support to
a relying party web application. The developer should follow the steps
described below
in intgrating this servlet filter:
@@ -184,12 +184,20 @@
<li>core-3.1.1.jar</li>
<li>dom4j-1.6.1.jar</li>
<li>opensaml-1.1.406.jar</li>
+<li>opensaml-2.0-rc1.jar</li>
+<li>openws-2.0-rc1.jar</li>
<li>stax-api-1.0.1.jar</li>
<li>wss4j-SNAPSHOT.jar</li>
<li>xmlsec-534045-patched.jar</li>
<li>wso2is-token-verifier-core-1.0.jar</li>
<li>wso2is-base-1.0.jar</li>
<li>openid4java-nodeps-0.9.3.1.jar</li>
+<li>icu4j-3.4.4.jar</li>
+<li>openxri-client-1.0.1.jar</li>
+<li>openxri-syntax-1.0.1.jar</li>
+<li>commons-pool-1.3.jar</li>
+<li>commons-dbcp-1.2.2.jar</li>
+<li>htmlparser-1.6.jar</li>
</ul>
<h3>Step 4 : Obtain the information in the verified token and process</h3>
@@ -202,13 +210,13 @@
On successful verification value of this attribute will be
"<strong>success</strong>". Otherwise it will be
"<strong>failure</strong>".</p>
-<p>The ServletRequest will also contain a set of attrbites by the names of
+<p>The ServletRequest will also contain a set of attributes by the names of
the claims (the part of claim URI after the final "/")</p> with their values.
<p>These values can be used by the developer to initiate a user session in a
web
application.</p>
-<h2>Adding OpenID Support</h2>
+<h2>Adding OpenID Support with Simple Registration</h2>
<p></p>
<h3>Step 1 : Add the servlet filter to your application</h3>
@@ -254,6 +262,9 @@
// imports
<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDAuthenticationRequest"%>
<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.openid.OpenIDRequestType"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.RelyingPartyException"%>
+<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
<%
@@ -305,6 +316,7 @@
<pre><![CDATA[
// imports
<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.TokenVerifierConstants"%>
<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer "%>
<%
@@ -345,12 +357,20 @@
<li>core-3.1.1.jar</li>
<li>dom4j-1.6.1.jar</li>
<li>opensaml-1.1.406.jar</li>
+<li>opensaml-2.0-rc1.jar</li>
+<li>openws-2.0-rc1.jar</li>
<li>stax-api-1.0.1.jar</li>
<li>wss4j-SNAPSHOT.jar</li>
<li>xmlsec-534045-patched.jar</li>
<li>wso2is-token-verifier-core-1.5.jar</li>
<li>wso2is-base-1.5.jar</li>
<li>openid4java-nodeps-0.9.3.1.jar</li>
+<li>icu4j-3.4.4.jar</li>
+<li>openxri-client-1.0.1.jar</li>
+<li>openxri-syntax-1.0.1.jar</li>
+<li>commons-pool-1.3.jar</li>
+<li>commons-dbcp-1.2.2.jar</li>
+<li>htmlparser-1.6.jar</li>
</ul>
Added:
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide2.xml
==============================================================================
--- (empty file)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/oprp_developer_guide2.xml
Tue Apr 15 03:06:09 2008
@@ -0,0 +1,360 @@
+<!--
+ ~ Copyright 2005-2007 WSO2, Inc. (http://wso2.com)
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";>
+<html xmlns="http://www.w3.org/1999/xhtml";>
+<head>
+</head>
+<body>
+<h1>WSO2 Identity Solution, [EMAIL PROTECTED]@ : Java Servlet Filter Developer
Guide : Part III</h1>
+
+<h2>Introduction</h2>
+This servlet filter
org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyFilter
+can be used with a servlet based web application to provide information card
and OpenID
+login to that application.The Part III of this guide explains how you can add
OpenID support to
+a relying party web application, with OpenID Attribute Exchange and OpenID
Provider Authentication Policy Extension.
+The developer should follow the steps described below
+in intgrating this servlet filter:
+
+<h2>Adding OpenID Attribute Exchange support</h2>
+
+<p></p><h3>Step 1 : Add the servlet filter to your application</h3>
+
+<p>Include the following entry in the web.xml file of the application:</p>
+
+<pre><![CDATA[
+
+ <filter>
+ <filter-name>TokenValidator</filter-name>
+
<filter-class>org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyFilter</filter-class>
+ <init-param>
+ <param-name> ................ </param-name>
+ <param-value> ............... </param-value>
+ </init-param>
+ <init-param>
+ ......................
+ </init-param>
+ ......................
+ ......................
+ </filter>
+
+ <filter-mapping>
+ <filter-name>TokenValidator</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+]]></pre>
+
+<h3>Step 2 : Add signin page</h3>
+
+<pre><![CDATA[
+<form name="openidsignin" id="openidsignin" method="post"
action="openidsubmit.jsp">
+ Enter Your OpenID Url:<input type="text" name="openIdUrl"/>
+ <input type="submit" name="submit" value="Login" />
+</form>
+]]></pre>
+
+<p>As per above scenario <b>openidsubmit.jsp</b> page will accept the OpenID
url and will do authentication using Identity Solution's
+relying parting components.</p>
+
+<h3>Step 3 : Create OpenID authentication request[openidsubmit.jsp]</h3>
+<pre><![CDATA[
+// imports
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDAuthenticationRequest"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.openid.OpenIDRequestType"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.RelyingPartyException"%>
+<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
+
+<%
+
+try
+{
+ OpenIDAuthenticationRequest openIDAuthRequest = null;
+
+ openIDAuthRequest = new OpenIDAuthenticationRequest(request,response);
+
+ openIDAuthRequest.setOpenIDUrl((String)request.getParameter("openIdUrl"));
+
+ // you need to set an absolute url as the return url.
+ // once the user authenticated successfully or failed at the OpenID
+ // Provider, the browser will be redirected to this url
+
+ openIDAuthRequest.setReturnUrl("http://myapp.com/openidcallback.jsp";);
+
+ // Use OpenID Attribute Exchange
+ openIDAuthRequest.addRequestType(OpenIDRequestType.ATTRIBUTE_EXCHANGE);
+
+ // Set the required claims - I need these claims from the OpenID
+ // Provider.
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.NICK_NAME,IdentityConstants.OpenId.ExchangeAttributes.NICK_NAME_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.FULL_NAME,IdentityConstants.OpenId.ExchangeAttributes.FULL_NAME_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.EMAIL,IdentityConstants.OpenId.ExchangeAttributes.EMAIL_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.DOB,IdentityConstants.OpenId.ExchangeAttributes.DOB_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.GENDER,IdentityConstants.OpenId.ExchangeAttributes.GENDER_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.POSTAL_CODE,IdentityConstants.OpenId.ExchangeAttributes.POSTAL_CODE_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.COUNTRY,IdentityConstants.OpenId.ExchangeAttributes.COUNTRY_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.LANGUAGE,IdentityConstants.OpenId.ExchangeAttributes.LANGUAGE_NS);
+
openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.ExchangeAttributes.TIMEZONE,IdentityConstants.OpenId.ExchangeAttributes.TIMEZONE_NS);
+
+
+ // Performs authentication : this will redirect you to OpenID Provider for
authentication
+ OpenIDConsumer.getInstance().doOpenIDAuthentication(openIDAuthRequest);
+
+}
+catch(RelyingPartyException e)
+{
+ // handle exceptions
+ out.println(e.getMessage());
+}
+
+%>
+]]></pre>
+
+<h3>Step 4 : Add OpenID callback page[openidcallback.jsp]</h3>
+
+<p>After being authenticated at the OpenID Provider, user will be redirected
to this page.</p>
+<pre><![CDATA[
+// imports
+<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.TokenVerifierConstants"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer "%>
+
+<%
+
+String nickname = null;
+String auth =
(String)request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE);
+
+ if(auth != null && TokenVerifierConstants.STATE_SUCCESS.equals(auth)) {
+
+ //user authenticated successfully at his OpenID Provider
+ //let me get his nick name - which I requested.
+
+ if
(request.getAttribute(IdentityConstants.OpenId.ExchangeAttributes.NICK_NAME) !=
null)
+ {
+ nickname =
request.getAttribute(IdentityConstants.OpenId.ExchangeAttributes.NICK_NAME);
+
+ }else {
+
+ // there can be OpenID Providers, who do not maintain a list of user
+ // attributes. In such case you won't receive any value here -
+ // though you requested.
+ }
+ }
+ else
+ {
+ //user authentication failed at his OpenID Provider
+ }
+%>
+]]></pre>
+
+<h3>Step 5 : Add the following jars to your classpath</h3>
+<ul>
+<li>axiom-api-1.2.4.jar</li>
+<li>axiom-dom-1.2.4.jar</li>
+<li>axiom-impl-1.2.4.jar</li>
+<li>wstx-asl-3.2.1.jar</li>
+<li>bcprov-jdk15-132.jar</li>
+<li>core-3.1.1.jar</li>
+<li>dom4j-1.6.1.jar</li>
+<li>opensaml-1.1.406.jar</li>
+<li>opensaml-2.0-rc1.jar</li>
+<li>openws-2.0-rc1.jar</li>
+<li>stax-api-1.0.1.jar</li>
+<li>wss4j-SNAPSHOT.jar</li>
+<li>xmlsec-534045-patched.jar</li>
+<li>wso2is-token-verifier-core-1.5.jar</li>
+<li>wso2is-base-1.5.jar</li>
+<li>openid4java-nodeps-0.9.3.1.jar</li>
+<li>icu4j-3.4.4.jar</li>
+<li>openxri-client-1.0.1.jar</li>
+<li>openxri-syntax-1.0.1.jar</li>
+<li>commons-pool-1.3.jar</li>
+<li>commons-dbcp-1.2.2.jar</li>
+<li>htmlparser-1.6.jar</li>
+</ul>
+
+<h2>Adding OpenID Provider Authentication Policy Extension support</h2>
+
+<p></p><h3>Step 1 : Add the servlet filter to your application</h3>
+
+<p>Include the following entry in the web.xml file of the application:</p>
+
+<pre><![CDATA[
+
+ <filter>
+ <filter-name>TokenValidator</filter-name>
+
<filter-class>org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyFilter</filter-class>
+ <init-param>
+ <param-name> ................ </param-name>
+ <param-value> ............... </param-value>
+ </init-param>
+ <init-param>
+ ......................
+ </init-param>
+ ......................
+ ......................
+ </filter>
+
+ <filter-mapping>
+ <filter-name>TokenValidator</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+]]></pre>
+
+<h3>Step 2 : Add signin page</h3>
+
+<pre><![CDATA[
+<form name="openidsignin" id="openidsignin" method="post"
action="openidsubmit.jsp">
+ Enter Your OpenID Url:<input type="text" name="openIdUrl"/>
+ <input type="submit" name="submit" value="Login" />
+</form>
+]]></pre>
+
+<p>As per above scenario <b>openidsubmit.jsp</b> page will accept the OpenID
url and will do authentication using Identity Solution's
+relying parting components.</p>
+
+<h3>Step 3 : Create OpenID authentication request[openidsubmit.jsp]</h3>
+<pre><![CDATA[
+// imports
+<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.openid.OpenIDAuthenticationRequest"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.openid.OpenIDConsumer"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.openid.AuthPolicyType"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.openid.OpenIDRequestType"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.RelyingPartyException"%>
+
+<%
+
+try
+{
+ OpenIDAuthenticationRequest openIDAuthRequest = null;
+
+ openIDAuthRequest = new OpenIDAuthenticationRequest(request,response);
+
+ openIDAuthRequest.setOpenIDUrl((String)request.getParameter("openIdUrl"));
+
+ // you need to set an absolute url as the return url.
+ // once the user authenticated successfully or failed at the OpenID
+ // Provider, the browser will be redirected to this url
+
+ openIDAuthRequest.setReturnUrl("http://myapp.com/openidcallback.jsp";);
+
+ // Use PAPE
+ openIDAuthRequest.addRequestType(OpenIDRequestType.PAPE);
+
+ String phishing= "true"; //In real implementation accept this from the user
: (String)request.getParameter("phishing");
+ String multifactor = null;//In real implementation accept this from the
user : (String)request.getParameter("multifactor");
+ String multifactorphysical= null; //In real implementation accept this from
the user : (String)request.getParameter("multifactorphysical");
+
+
+ if (phishing!= null && phishing.equalsIgnoreCase("true")) {
+
openIDAuthRequest.addAuthPolicy(AuthPolicyType.PAPE_POLICY_PHISHING_RESISTANT);
+ }
+
+ if (multifactor!= null && multifactor.equalsIgnoreCase("true")) {
+
openIDAuthRequest.addAuthPolicy(AuthPolicyType.PAPE_POLICY_MULTI_FACTOR);
+ }
+
+ if (multifactorphysical!= null &&
multifactorphysical.equalsIgnoreCase("true")) {
+
openIDAuthRequest.addAuthPolicy(AuthPolicyType.PAPE_POLICY_MULTI_FACTOR_PHYSICAL);
+ }
+
+ openIDAuthRequest.setMaxAuthAge(10);
+
+
+ // Performs authentication : this will redirect you to OpenID Provider for
authentication
+ OpenIDConsumer.getInstance().doOpenIDAuthentication(openIDAuthRequest);
+
+}
+catch(RelyingPartyException e)
+{
+ // handle exceptions
+ out.println(e.getMessage());
+}
+
+%>
+]]></pre>
+
+<h3>Step 4 : Add OpenID callback page[openidcallback.jsp]</h3>
+
+<p>After being authenticated at the OpenID Provider, user will be redirected
to this page.</p>
+<pre><![CDATA[
+// imports
+<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.relyingparty.TokenVerifierConstants"%>
+<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer "%>
+
+<%
+
+String authPolcies = null;
+String authLevel = null;
+String authAge = null;
+
+String auth =
(String)request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE);
+
+ if(auth != null && TokenVerifierConstants.STATE_SUCCESS.equals(auth)) {
+
+ //user authenticated successfully at his OpenID Provider
+ //let me get PAPE related attributes.
+
+ if (request.getAttribute("auth_policies") != null) {
+ authPolcies = request.getAttribute("auth_policies");
+ }
+
+ if (request.getAttribute("nist_auth_level") != null) {
+ authLevel = request.getAttribute("nist_auth_level");
+ }
+
+ if (request.getAttribute("auth_age") != null) {
+ authAge = request.getAttribute("auth_age")%>
+ }
+ }
+ else
+ {
+ //user authentication failed at his OpenID Provider
+ }
+%>
+]]></pre>
+
+<h3>Step 5 : Add the following jars to your classpath</h3>
+<ul>
+<li>axiom-api-1.2.4.jar</li>
+<li>axiom-dom-1.2.4.jar</li>
+<li>axiom-impl-1.2.4.jar</li>
+<li>wstx-asl-3.2.1.jar</li>
+<li>bcprov-jdk15-132.jar</li>
+<li>core-3.1.1.jar</li>
+<li>dom4j-1.6.1.jar</li>
+<li>opensaml-1.1.406.jar</li>
+<li>opensaml-2.0-rc1.jar</li>
+<li>openws-2.0-rc1.jar</li>
+<li>stax-api-1.0.1.jar</li>
+<li>wss4j-SNAPSHOT.jar</li>
+<li>xmlsec-534045-patched.jar</li>
+<li>wso2is-token-verifier-core-1.5.jar</li>
+<li>wso2is-base-1.5.jar</li>
+<li>openid4java-nodeps-0.9.3.1.jar</li>
+<li>icu4j-3.4.4.jar</li>
+<li>openxri-client-1.0.1.jar</li>
+<li>openxri-syntax-1.0.1.jar</li>
+<li>commons-pool-1.3.jar</li>
+<li>commons-dbcp-1.2.2.jar</li>
+<li>htmlparser-1.6.jar</li>
+</ul>
+
+
+</body>
+</html>
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/release-notes.xml
==============================================================================
---
trunk/solutions/identity/modules/documentation/src/site/xdoc/release-notes.xml
(original)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/release-notes.xml
Tue Apr 15 03:06:09 2008
@@ -27,26 +27,36 @@
</head>
<body>
-<h1>WSO2 Identity Solution @wso2is_version@ Release Notes</h1>
+<h1>New WSO2 Identity Solution feature-rich with OpenID</h1>
-<h3>07 April, 2008</h3>
+<h3>WSO2 Identity Solution @wso2is_version@ Release Note</h3>
-<p>The WSO2 Identity Solution enables LAMP and Java websites to provide strong
authentication
-based on the new interoperable Microsoft CardSpace technology, which is built
-on the open standards Security Assertion Mark-up Language (SAML) and WS-Trust.
-WSO2’s new open source security offering features an easy-to-use Identity
-Provider that is controlled by a simple Web-based management console and
-supports interoperability with multiple vendors’ CardSpace components,
including
-those provided by Microsoft .NET. The WSO2 Identity Solution also works with
-enterprises’ current identity directories, such as those based on the
Lightweight
-Directory Access Protocol (LDAP) and Microsoft Active Directory, allowing them
-to leverage their existing infrastructure. In addition to the Identity Provider
-WSO2 Identity Solution provides a Relying Party Component Set which plugs into
-the most common web servers to add support for CardSpace authentication.</p>
+<h3>08 April, 2008</h3>
+<p>The WSO2 Identity Solution, which enables LAMP and Java websites to provide
strong authentication based on the new interoperable Microsoft
+CardSpace technology, released version 1.5 today. This new release includes
OpenID and OpenID Information Cards, further enhancing the WSO2
+Identity Solution to cater to a wider audience for web based authentication.
OpenID is a key feature in decentralizing single sign-on, much
+favored by many users.</p>
+<p>The WSO2 Identity Solution is built on the open standards Security
Assertion Mark-up Language (SAML) and WS-Trust.
+This version supports SAML version 2.0 in addition to 1.1 which was available
in the previous version of the WSO2 Identity Solution.</p>
-<h2>Key Features in this Release</h2>
+<p>WSO2's open source security offering features an easy-to-use Identity
Provider that is controlled by a simple Web-based management console
+and supports interoperability with multiple vendors' CardSpace components.
This includes those provided by Microsoft .NET.</p>
+
+<p>The WSO2 Identity Solution also works with current enterprise identity
directories, such as those based on the Lightweight Directory Access
+Protocol (LDAP) and Microsoft Active Directory, allowing them to leverage
their existing infrastructure. In addition to the Identity Provider
+the WSO2 Identity Solution provides a Relying Party Component Set which plugs
into the most common Web servers to add support for CardSpace
+authentication and now OpenID.</p>
+
+<h2>New features in version 1.5</h2>
+ <ul>
+ <li>OpenID Provider and relying party component support</li>
+ <li>OpenID information cards based on user name-token credential
and self issued credential</li>
+ <li>SAML 2.0 support</li>
+ </ul>
+
+<h2>Other Key Features</h2>
<ul>
<li>Identity provider
@@ -58,11 +68,7 @@
<li>Support for custom claim dialects and claims
types</li>
<li>Statistics/reporting/audit trail</li>
<li>Ability to revoke information cards</li>
- <li>Issues information cards based on username-token
credential and
- self issued credential</li>
- <li>Issues OpenID information cards based on username-token
credential and
- self issued credential</li>
- <li>Issues OpenID</li>
+ <li>Issues information cards based on username-token
credential and self issued credential</li>
</ul>
</li>
<li>Apache HTTPD relying party module - mod_cspace</li>
@@ -79,14 +85,9 @@
enable CardSpace authentication</li>
<li>Supports multi-valued claims</li>
<li>Supports a set of simple operation modes</li>
- <li>Supports for OpenID</li>
- <li>Supports for OpenID Information Cards</li>
- </ul>
-
+ </ul>
</ul>
-<br/>
-
<h2>Reporting Problems</h2>
Issues can be reported using the public JIRA available at <a
href="https://wso2.org/jira/browse/IDENTITY";>https://wso2.org/jira/browse/IDENTITY</a>
@@ -115,4 +116,4 @@
<p>Copyright 2008 WSO2 Inc.</p>
</body>
-</html>
+</html>
\ No newline at end of file
Modified:
trunk/solutions/identity/modules/documentation/src/site/xdoc/rp_developer_guide.xml
==============================================================================
---
trunk/solutions/identity/modules/documentation/src/site/xdoc/rp_developer_guide.xml
(original)
+++
trunk/solutions/identity/modules/documentation/src/site/xdoc/rp_developer_guide.xml
Tue Apr 15 03:06:09 2008
@@ -182,11 +182,20 @@
<li>core-3.1.1.jar</li>
<li>dom4j-1.6.1.jar</li>
<li>opensaml-1.1.406.jar</li>
+<li>opensaml-2.0-rc1.jar</li>
+<li>openws-2.0-rc1.jar</li>
<li>stax-api-1.0.1.jar</li>
<li>wss4j-SNAPSHOT.jar</li>
<li>xmlsec-534045-patched.jar</li>
<li>wso2is-token-verifier-core-1.0.jar</li>
<li>wso2is-base-1.0.jar</li>
+<li>openid4java-nodeps-0.9.3.1.jar</li>
+<li>icu4j-3.4.4.jar</li>
+<li>openxri-client-1.0.1.jar</li>
+<li>openxri-syntax-1.0.1.jar</li>
+<li>commons-pool-1.3.jar</li>
+<li>commons-dbcp-1.2.2.jar</li>
+<li>htmlparser-1.6.jar</li>
</ul>
<br/>
<h3>Step 4 : Obtain the information in the verified token and process</h3>
_______________________________________________
Identity-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
