Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Org.eclipse.higgins.hbx
Contents
Overview
The Higgins Browser Extension (aka HBX) is a Firefox extension written in Javascript. When Higgins Extension is installed and your browser lands on a "relying party" (RP) site, HBX manages authentication and other kinds of identity-related interactions between the RP site and the Higgins service.
[Note: At present this Higgins service is hosted, but in the future we will also support a "local" Higgins service installed on the same machine as your browser.]
Operation
The current version of the Higgins Extension has varying levels of support for what we will loosely call RP interaction types. These interactions begin after the browser has done an HTTP GET on some page. The Higgins Extension parses the HTML to find markers (e.g. kinds of <object> tags, etc.) that indicate what type of interaction the RP site supports.
RP Interaction Types
If it finds CardSpace-compatible markers, then this indicates that the RP site supports CardSpace-compatible authentication (sign-in). If it finds RSS-P markers then the site allows the user to "project" identity information (usually non-identifiying attributes) to the site, e.g. to express the user's "shopping" persona (preferences, etc.). If the site is one for which the user's Higgins Service has an "HTML Card", then the Higgins Extension will attempt to fill in forms on that site as well as scrape the users's own personal data from site.
Status
The Higgins Extension is only useful for Higgins developers. It currently requires a hosted Higgins service to operate, and since Higgins itself is only partially implemented, very little works end-to-end at all. The extension currently defaults to http://broker.parityinc.net/pip for its back end service, although this can be changed by the user. Parity's site is running an old version of the Higgins service (version 0.4 from early July). This site is useful for testing some RSS-P and some HTML support, but is not compatible with the current Higgins version 0.6.
We expect by the end of milestone 0.7 to have the latest version of the extension once again working with the latest version of the Higgins service. At that time the extension + service will be capable of:
- CardSpace: [Assuming that the IP roadblocks related to Microsoft's technology have been cleared,] the extension will use the Higgins service to generate CardSpace-compatible Digital Identities and POST these tokens to CardSpace-compatible RP sites. During this interaction the extension will invoke the ISS Web UI "card picker" component on the hosted Higgins service.
- RSS: Support for "projecting" a persona selected by the user onto the RP site
- HTML: Screen scraping and form filling from/to 2-3 websites
HBX version 0.5.X
- HBX Installation 0.5.X --how to install it
- Note: The HBX update site is currently http://broker.parityinc.net/pip/hbx/hbx_update.rdf We will be changing this shortly to the www.eclipse.org downloads area
- HBX How To Generate New Server Account
- HBX Microsoft CardSpace Support (v0.4.7+)
- HBX CardSpace Test Sites <-- No longer working
- HBX RSS-P Protocol Support (v0.5.1+)
- HBX RSS-P Test Site
- HBX Form Fill
- HBX Screen Scrape
- Implementation
- HBX Source Folders
- Written in Javascript
- Works with Firefox 1.5. Has been tested on WinXP, Linux and OSX
- Debugging tools used: To monitor all POST/Get requests the livehttpheadersextension is useful.
- Don't use HBX and Chuck Mortimore's extension at the same time --one of them should be disabled.
- HBX Screenshots from the Jan 26, 2007 Face-2-Face meeting in Provo, Utah
Reference
http://xmldap.blogspot.com/2006/05/firefox-identity-selector.html - Chuck Mortimore's Firefox extension. Chuck and the Higgins team have collaborated a bit on the development of our respective extentions.