Hi All,
The approach we went with is what we decided on after out initial round
of discussions; basically let anyone self register conventionally
through e-mail but then let them associate their infocard PPID with
their registered profile. At this point their infocard login is enabled
and doesn't force them to use any cryptic identifier. This is in place
and the full cycle has been tested.
Bye,
Channa.
Keith Chapman wrote:
Ruchith Fernando wrote:
This is about "signup" (ie. User registration) using an information card
... in this case a new user will not be required to fill any forms to
create an account. Example : [1] - see the "Register with your
information card" option. Do we have it already in mashup site code?
Hmmm, not really. As we both use JSP,a may be we can reuse some of your
code. +1 for integrating it with the mashup server (We can make it
available on mashups.wso2.org).
Thanks,
Keith.
Thanks,
Ruchith
1. https://is.test.wso2.org/ShowUserRegistration.action
Keith Chapman wrote:
Its already working. Channa did test it out.
Thanks,
keith.
Tyrell Perera wrote:
The infrastructure code is in place already. But AFAIK there were some
hiccups at the final moment. We'll definitely have it once the team gets
back from the holidays, with due credits given to the identity solution :)
Tyrell
Ruchith Fernando wrote:
Hi Mashup guys,
It will be great if we can get InfoCard based logins working on the
mashup community site.
Registration simply will be yet another information card submit where it
requires the following claims :
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier
These will allow us to capture the information required in this form[1].
When someone submits a token with these claims we can simply populate
user store with a user with the username as the ppid. Now when
authenticating the user into the mashup site will only require you to
check whether the incoming token carries the given ppid and the cert
that was originally used.
Also can we have a "Powered by WSO2 Identity Solution" image next to the
InfoCard login image? :-)
Thoughts?
Thanks,
Ruchith
1.
https://mashups.wso2.org/register_self.jsp?firstcall=true&bounceback=index.jsp
------------------------------------------------------------------------
Subject:
RE: WSO2 Mashup Server InfoCard support
From:
Mike Jones <[EMAIL PROTECTED]>
Date:
Sat, 22 Dec 2007 21:06:47 -0800
To:
Ruchith Fernando <[EMAIL PROTECTED]>
To:
Ruchith Fernando <[EMAIL PROTECTED]>
CC:
Prabath Siriwardena <[EMAIL PROTECTED]>
X-Account-Key:
account2
Return-Path:
<[EMAIL PROTECTED]>
Delivered-To:
serendib-wso2:[EMAIL PROTECTED]
X-Envelope-To:
[EMAIL PROTECTED]
Received:
(qmail 80065 invoked from network); 23 Dec 2007 05:06:59 -0000
Received:
from mailwash1.pair.com (66.39.2.1) by mahawu.pair.com with SMTP; 23 Dec
2007 05:06:59 -0000
Received:
from localhost (localhost [127.0.0.1]) by mailwash1.pair.com (Postfix)
with SMTP id C0BA7CC0A8 for <[EMAIL PROTECTED]>; Sun, 23 Dec 2007
00:06:59 -0500 (EST)
X-Greylisting:
209.68.4.0/24 is whitelisted
Received:
from mahawu.pair.com (mahawu.pair.com [209.68.4.109]) by
mailwash1.pair.com (Postfix) with ESMTP id 48579CC0B2 for
<[EMAIL PROTECTED]>; Sun, 23 Dec 2007 00:06:59 -0500 (EST)
Received:
from smtp.microsoft.com (smtp.microsoft.com [131.107.115.212]) by
mahawu.pair.com (Postfix) with ESMTP id 0E4B2FF956 for
<[EMAIL PROTECTED]>; Sun, 23 Dec 2007 00:06:59 -0500 (EST)
Received:
from tk1-exhub-c101.redmond.corp.microsoft.com (157.56.116.111) by
TK5-EXGWY-E801.partners.extranet.microsoft.com (10.251.56.50) with
Microsoft SMTP Server (TLS) id 8.1.222.3; Sat, 22 Dec 2007 21:06:58 -0800
Received:
from NA-EXMSG-C106.redmond.corp.microsoft.com ([157.54.62.139]) by
tk1-exhub-c101.redmond.corp.microsoft.com ([157.56.116.111]) with mapi;
Sat, 22 Dec 2007 21:06:58 -0800
Thread-Topic:
WSO2 Mashup Server InfoCard support
Thread-Index:
AchFGFSiLAZ16f7zSBuvHRP/FeyizQACHgSQ
Message-ID:
<[EMAIL PROTECTED]>
References:
<[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
In-Reply-To:
<[EMAIL PROTECTED]>
Accept-Language:
en-US
Content-Language:
en-US
acceptlanguage:
en-US
Content-Type:
text/plain; charset="us-ascii"
Content-Transfer-Encoding:
quoted-printable
MIME-Version:
1.0
Thanks Ruchith,
Let me know when sign-up works as well and then I'll make a post promoting your
InfoCard support. I appreciate that it's a significant accomplishment to get
the support up that you have already. But as people make deployments, I'm
really trying to encourage them to enable fully password-less interaction, as
JanRain (see http://self-issued.info/?p=46) and LinkSafe (see
http://self-issued.info/?p=50) have done, and as we described in the Deployment
Guide (see http://self-issued.info/?p=26).
Happy Holidays!
-- Mike
-----Original Message-----
From: Ruchith Fernando [mailto:[EMAIL PROTECTED]
Sent: Saturday, December 22, 2007 8:00 PM
To: Mike Jones
Cc: Prabath Siriwardena
Subject: Re: WSO2 Mashup Server InfoCard support
Hi Mike,
I noticed Prabath had explained[1] the signup process and how we can add
a card into a user profile, which can be later used to sign into that
account.
We will work with the Mashup team to setup information card based
"signup" as well. Will let you know as soon as we have it ready.
Thanks,
Ruchith
1.
http://psiriwardena.blogspot.com/2007/12/wso2-mashup-server-v10-beta-added.html#comment-6122013459367852541
Mike Jones wrote:
Read your post at
http://psiriwardena.blogspot.com/2007/12/wso2-mashup-server-v10-beta-added.html.
Congratulations! I've added the site to my list of sites using
Information Cards at http://self-issued.info/?page_id=40.
There's now sign-up support on the login page but I was surprised that
if you go to the sign-up page at
https://mashups.wso2.org/register_self.jsp?firstcall=true&bounceback=index.jsp
<https://mashups.wso2.org/register_self.jsp?firstcall=true&bounceback=index.jsp>
that I couldn't register with an Information Card there. Also, I tried
to sign up using an Information Card on the page
https://mashups.wso2.org/signin.jsp?bounceback=index.jsp where it
advertised "Signup using your personal or managed infocard." and it told
me "Infocard based login failed." on the page
https://mashups.wso2.org/infocardaccept.jsp.
Can you add sign-up support to the sign-up page so that accounts can be
created with no password required? Once that's in place I'll make a
blog entry about your InfoCard support on the mashup site.
Best wishes,
-- Mike
------------------------------------------------------------------------
_______________________________________________
Architecture mailing list
[EMAIL PROTECTED]
https://www-lk.wso2.com/cgi-bin/mailman/listinfo/architecture
_______________________________________________
Architecture mailing list
[EMAIL PROTECTED]
https://www-lk.wso2.com/cgi-bin/mailman/listinfo/architecture
_______________________________________________
Architecture mailing list
[EMAIL PROTECTED]
https://www-lk.wso2.com/cgi-bin/mailman/listinfo/architecture
_______________________________________________
Architecture mailing list
[EMAIL PROTECTED]
https://www-lk.wso2.com/cgi-bin/mailman/listinfo/architecture
--
********************************************
Channa Gunawardena
Technical Lead, WSO2 Inc.
channa at wso2.com; Mobile: +94 71 306 2722
"Oxygenating the Web Service Platform."
_______________________________________________
Mashup-dev mailing list
[email protected]
http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
