Difference between revisions of "GTK Selector 1.1-Win"

(Packaged Windows Installer)
(End-User Perspective)
 
(7 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
[[Image:Higgins_logo_76Wx100H.jpg|right]]
 
[[Image:Higgins_logo_76Wx100H.jpg|right]]
  
This page describes Native code [[I-Card]] Selector for Firefox and IE (also callable by local apps) for Windows.  
+
This page describes the [[GTK Selector 1.1-Win]] variant of the Higgins Selector developed as part of Higgins 1.1. It is a native code selector for Windows based on the GTK UI toolkit. This selector uses a local card store to store its Information Cards, but can also be configured to synchronize these cards with a remote [[CardSync Service]].
  
== Version ==
+
== End-User Perspective ==
This is the updated 1.1 version of the Higgins 1.0 [[GTK and Cocoa Selector 1.0]].
+
  
==Overview ==
+
For an introduction to Information Cards and Selectors visit http://informationcard.net
Entire [[GTK Selector 1.1-Win]] solution consists of the following components:
+
  
* [[Components 1.1#Higgins_Browser_Extension |Higgins Browser Extension]] (HBX)
+
===Installation on Windows===
* [[Components 1.1#HSS_Manager |HSS Manager]]
+
* [[Components 1.1#HSS_Launcher |HSS Launcher]]
+
* [[Components 1.1#Higgins_Selector_Switch |Higgins Selector Switch]] (HSS)
+
* [[Components 1.1#Selector_UI |Selector UI]] (GTK variant)
+
  
This page mostly describe GTK variant of the [[Components 1.1#Selector_UI |Selector UI]] for Windows that consume services from [[Local I-Card Service Package]] in order to be able to manage local store of [[I-Card |I-Cards]] and to retrieve security tokens for them. [[Local_I-Card_Service_Package |Local I-Card Service]] could optionaly be configured to synchronize local card store with the remote one using [[CardSync_Service |CardSync Service]].
+
An installer for the [[GTK Selector 1.1-Win]] is available in the [http://www.azigo.com/company/dev/gtk-selector-1-1-for-windows Azigo Developer Center].
  
== End-User Perspective ==
+
===Configuration===
For the end-user, this technology provides the following benefits:
+
  
* Relying party sites do not need to store sensitive identity information.
+
The [[GTK Selector 1.1-Win]] uses the '''"%HOMEPATH%\.ftk\settings\58EB0021-F939-48BA-B872-E93C4B380D4F\settings.xml"''' as a configuration file. If this file doesn't exist, it will create one with the default settings the first time it starts up.
* Users are put in control of their own identity information and can choose who they trust to store their sensitive data.
+
* Rather than updating dozens of accounts whenever some piece of identity information changes (such as a phone number), users can update their information at one (or a small number) of IDP sites.
+
* Users can interact with sites without ever disclosing their identity. For example, an STS can issue a token asserting that a user's age is greater than some required value without disclosing anything else about the user. Because of the trust relationship the relying party has with the STS, it can be sure that that the assertion is true.
+
  
===Functionality===
+
==== Using a CardSync Service ====
 +
By default this selector stores its cards in the '''"%HOMEPATH%\.iss\iss_cards"''' folder. However, the selector can be configured instead to store its cards in a local ISAMDatadase (that is pre-configured to use the '''"%HOMEPATH%\.iss\hscs_cards"''' folder) and to synchronize cards from this database with a remote [[CardSync Service]] endpoint.
  
[[Image:iss_data_flow.jpg|thumb|right|300px]]
+
To configure the selector to use a CardSync service, the configuration file (settings.xml mentioned above) should be manually updated to include a CARDS section as is shown in the following example.
  
The selector interact with [http://en.wikipedia.org/wiki/Information_Card Information Card]-compatible web sites and services. In a typical use case, a user wants to complete some type of transaction with a relying party site. This usually requires the exchange of identity information such as the user's given name, surname, street address, and e-mail address. By using an [http://en.wikipedia.org/wiki/Information_Card Information Card]-aware web browser (such as Firefox or IE with the selector extension installed), a user can easily provide the required information by selecting an appropriate [http://en.wikipedia.org/wiki/Information_Card Information Card] from the set of cards that they own. The flow of data in this case would be:
+
<source lang="xml">
 +
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
 +
<Settings>
 +
  <Section Id="CARDS">
 +
      <Setting Name="STORE.TYPE" Data="urn:org:eclipse:higgins:cardstore:type:hcsp"/>
 +
      <Setting Name="STORE.URI" Data="http://rh155.azigo.net/cardsync-new/rs"/>
 +
      <Setting Name="STORE.USERNAME" Data="testUser"/>
 +
      <!--
 +
        your username goes here
  
* A user visits a web site that supports [http://en.wikipedia.org/wiki/Information_Card Information Card]-compatible tokens.
+
      -->
* By clicking on a link or button, an identity selector interface appears and presents a list of cards that satisfy the policy of the web site.
+
      <Setting Name="STORE.PASSWORD" Data="testPassword"/>
* A card is selected by the user.
+
      <!--
* Credentials needed to access the IDP (i.e., ldap directory or something similar) are requested by the identity selector.
+
        your password goes here
* The credentials and required claims are bundled into a request that is signed and sent to the Security Token Service (STS).
+
* The STS extracts information from the token request, authenticates the user via the IDP, and retrieves the requested claim values. The response is bundled into a message that is signed by the STS and returned to the identity selector.
+
* The identity selector passes the token returned by the STS to the relying party site.
+
* The relying party site verifies that the token is issued by a trusted STS and that the token is valid (signature is good, token hasn't expired, etc.).
+
* Claim values are extracted from the token by the relying party and are used to complete the transaction.
+
  
===Setup===
+
      -->
<to be written>
+
  </Section>
 +
  <Section Id="gtkui">
 +
      <Setting Name="MAIN.X" Data="733"/>
 +
      <Setting Name="MAIN.Y" Data="116"/>
 +
      <Setting Name="MAIN.WIDTH" Data="640"/>
 +
      <Setting Name="MAIN.HEIGHT" Data="480"/>
 +
      <Setting Name="MAIN.PANEPOS" Data="291"/>
 +
      <Setting Name="MAIN.COLWIDTH" Data="264"/>
 +
      <Setting Name="MAIN.SHOWTOOLBAR" Data="true"/>
 +
  </Section>
 +
</Settings>
 +
</source>
 +
 
 +
* Note1: This selector is currently unable to create a new user account on the [[CardSync Service]] endpoint. So at the present time you must to use an existing account (username and password) on the rh155.azigo.net [[I-Card Service]] endpoint hosted by Azigo.
 +
 
 +
* Note2: This selector's internal "synchronizing cardstore" implementation is still experimental. It may be necessary to remove the entire '''"%HOMEPATH%\.iss\hscs_cards"''' folder when upgrading to a new version of the selector due to possible data format changes in the new version.
  
 
==Deployer Perspective==
 
==Deployer Perspective==
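Review bot: the added CARDS example shows the CardSync endpoint as an http:// URI (the STORE.URI line) and the account password as a cleartext Data attribute (the STORE.PASSWORD line), and the new "Using a CardSync Service" text mentions neither point. Add a sentence saying that settings.xml now holds a credential and should be readable only by the owning user, and say whether the endpoint can be reached over https. In the same hunk, Note1 reads "you must to use", and the "your username goes here" / "your password goes here" comments sit after the settings they describe, so they read as if they belong to the following line; moving each comment above its setting would remove the ambiguity.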
Line 105: Line 114:
 
* YOUR_DEPLOYMENT_DIRECTORY\bin\: msvcm90d.dll, msvcp90d.dll, msvcr90d.dll and Microsoft.VC90.DebugCRT.manifest from your MS Visual C++ installation
 
* YOUR_DEPLOYMENT_DIRECTORY\bin\: msvcm90d.dll, msvcp90d.dll, msvcr90d.dll and Microsoft.VC90.DebugCRT.manifest from your MS Visual C++ installation
  
===Configuration===
 
 
GTK selector UI uses
 
'''"%HOMEPATH%\.ftk\settings\58EB0021-F939-48BA-B872-E93C4B380D4F\settings.xml"''' configuration file at runtime to read and store its configuration. If this file doesn't exist GTK selector will create one with the default settings at first sturt up.
 
 
By default selector UI uses file system card store that stores cards in '''"%HOMEPATH%\.iss\iss_cards"''' filder.
 
 
Selector UI could be configured to use synchronizing card store that synchronizes local card store with the remote one by using [[CardSync Service]] endpoint. For now synchronizing card store uses ISAMDatadase that is pre-configured to use '''"%HOMEPATH%\.iss\hscs_cards"''' folder to store card localy but could be configured what [[CardSync Service]] endpoint to use.
 
 
 
In order to configure Selector UI to use synchronized card store the above configuration file should be manually updated to have CARDS section like in the following example.
 
 
* Note: right now GTK selector is unable to create user account on [[CardSync Service]] endpoint. So, you need to use your real user name and password for rh155.azigo.net [[I-Card Service]] endpoint.
 
 
* Note: that while synchronizing card store is at the development stage it may be necessary to remove entire '''"%HOMEPATH%\.iss\hscs_cards"''' folder when you want to use new version of the selector due to possible data format changes.
 
 
<source lang="xml">
 
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
 
<Settings>
 
  <Section Id="CARDS">
 
      <Setting Name="STORE.TYPE" Data="urn:org:eclipse:higgins:cardstore:type:hcsp"/>
 
      <Setting Name="STORE.URI" Data="http://rh155.azigo.net/cardsync-new/rs"/>
 
      <Setting Name="STORE.USERNAME" Data="testUser"/>
 
      <!--
 
        your username goes here
 
 
      -->
 
      <Setting Name="STORE.PASSWORD" Data="testPassword"/>
 
      <!--
 
        your password goes here
 
 
      -->
 
  </Section>
 
  <Section Id="gtkui">
 
      <Setting Name="MAIN.X" Data="733"/>
 
      <Setting Name="MAIN.Y" Data="116"/>
 
      <Setting Name="MAIN.WIDTH" Data="640"/>
 
      <Setting Name="MAIN.HEIGHT" Data="480"/>
 
      <Setting Name="MAIN.PANEPOS" Data="291"/>
 
      <Setting Name="MAIN.COLWIDTH" Data="264"/>
 
      <Setting Name="MAIN.SHOWTOOLBAR" Data="true"/>
 
  </Section>
 
</Settings>
 
</source>
 
  
 
==Developer Perspective==
 
==Developer Perspective==
Line 168: Line 133:
 
* [[Local I-Card Service Package]]
 
* [[Local I-Card Service Package]]
 
Services:
 
Services:
* [[CardSync Service]]
+
* [[CardSync Service]] - optional web service

Latest revision as of 22:07, 6 October 2009

This page describes the GTK Selector 1.1-Win variant of the Higgins Selector developed as part of Higgins 1.1. It is a native code selector for Windows based on the GTK UI toolkit. This selector uses a local card store to store its Information Cards, but can also be configured to synchronize these cards with a remote CardSync Service.

End-User Perspective

For an introduction to Information Cards and Selectors visit http://informationcard.net

Installation on Windows

An installer for the GTK Selector 1.1-Win is available in the Azigo Developer Center.

Configuration

The GTK Selector 1.1-Win uses the "%HOMEPATH%\.ftk\settings\58EB0021-F939-48BA-B872-E93C4B380D4F\settings.xml" as a configuration file. If this file doesn't exist, it will create one with the default settings the first time it starts up.

Using a CardSync Service

By default this selector stores its cards in the "%HOMEPATH%\.iss\iss_cards" folder. However, the selector can be configured instead to store its cards in a local ISAMDatadase (that is pre-configured to use the "%HOMEPATH%\.iss\hscs_cards" folder) and to synchronize cards from this database with a remote CardSync Service endpoint.

To configure the selector to use a CardSync service, the configuration file (settings.xml mentioned above) should be manually updated to include a CARDS section as is shown in the following example.

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<Settings>
   <Section Id="CARDS">
      <Setting Name="STORE.TYPE" Data="urn:org:eclipse:higgins:cardstore:type:hcsp"/>
      <Setting Name="STORE.URI" Data="http://rh155.azigo.net/cardsync-new/rs"/>
      <Setting Name="STORE.USERNAME" Data="testUser"/>
      <!--
         your username goes here
 
      -->
      <Setting Name="STORE.PASSWORD" Data="testPassword"/>
      <!--
         your password goes here
 
      -->
   </Section>
   <Section Id="gtkui">
      <Setting Name="MAIN.X" Data="733"/>
      <Setting Name="MAIN.Y" Data="116"/>
      <Setting Name="MAIN.WIDTH" Data="640"/>
      <Setting Name="MAIN.HEIGHT" Data="480"/>
      <Setting Name="MAIN.PANEPOS" Data="291"/>
      <Setting Name="MAIN.COLWIDTH" Data="264"/>
      <Setting Name="MAIN.SHOWTOOLBAR" Data="true"/>
   </Section>
</Settings>
  • Note1: This selector is currently unable to create a new user account on the CardSync Service endpoint. So at the present time you must use an existing account (username and password) on the rh155.azigo.net I-Card Service endpoint hosted by Azigo.
  • Note2: This selector's internal "synchronizing cardstore" implementation is still experimental. It may be necessary to remove the entire "%HOMEPATH%\.iss\hscs_cards" folder when upgrading to a new version of the selector due to possible data format changes in the new version.
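
The following check is an added example, not code from the Higgins project or from this wiki page. It parses a settings.xml in the layout shown above and reports the points a deployer would want to review in the CARDS section: a STORE.URI that is not https, a cleartext STORE.PASSWORD, and the documentation's test credentials left in place. The function names and the embedded sample are constructed for illustration; the setting names and values are the ones shown on this page.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample in the settings.xml layout shown above (the page's test values).
SAMPLE = """<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<Settings>
   <Section Id="CARDS">
      <Setting Name="STORE.TYPE" Data="urn:org:eclipse:higgins:cardstore:type:hcsp"/>
      <Setting Name="STORE.URI" Data="http://rh155.azigo.net/cardsync-new/rs"/>
      <Setting Name="STORE.USERNAME" Data="testUser"/>
      <Setting Name="STORE.PASSWORD" Data="testPassword"/>
   </Section>
</Settings>"""


def read_section(xml_text, section_id):
    """Return {Name: Data} for one <Section Id=...>, or {} if it is absent."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    for section in root.iter("Section"):
        if section.get("Id") == section_id:
            return {s.get("Name"): s.get("Data", "") for s in section.iter("Setting")}
    return {}


def audit_cards_section(xml_text):
    """Return review findings for the CARDS section; an empty list means nothing flagged."""
    cards = read_section(xml_text, "CARDS")
    findings = []
    if not cards:
        return findings  # default file-system card store: no remote account in the file
    uri = urlsplit(cards.get("STORE.URI", ""))
    if uri.scheme.lower() != "https":
        findings.append("STORE.URI uses scheme %r, not https (host %s)"
                        % (uri.scheme, uri.netloc or "<missing>"))
    if uri.username or uri.password:
        findings.append("STORE.URI embeds credentials in the URL")
    if cards.get("STORE.PASSWORD"):
        findings.append("STORE.PASSWORD is stored in cleartext; restrict the file to its owner")
    if (cards.get("STORE.USERNAME"), cards.get("STORE.PASSWORD")) == ("testUser", "testPassword"):
        findings.append("example credentials from the documentation are still in place")
    return findings


if __name__ == "__main__":
    for finding in audit_cards_section(SAMPLE):
        print("FINDING:", finding)
```

To check a real installation, pass the text of the settings.xml file named in the Configuration section to `audit_cards_section`.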

Deployer Perspective

Building

The required project is:

  • app/org.eclipse.higgins.selector.ui.gtk

This project can be checked out from the Eclipse repository at the following SVN URI:

https://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/app/org.eclipse.higgins.selector.ui.gtk

You can check it out from the Eclipse repository using a MS Visual C++ plugin like http://ankhsvn.open.collab.net/, or by using an external SVN tool such as http://tortoisesvn.tigris.org/.

To avoid problems, you should check it out into a directory that does not contain any spaces, e.g. C:\Higgins\org.eclipse.higgins.selector.ui.gtk.

These instructions are for building the solution with MS Visual C++ 2008 Express Edition.

You need the following software:

To avoid problems, you should install the above software in their default locations (e.g. C:\OpenSSL and C:\Gtk).

You need to add the path to cmake.exe to your PATH environment variable.

The project is designed to be built with cmake, and in order to be able to import it into MS Visual C++, the necessary project files have to be created using the special scripts configure_vs.bat and setupvc.bat, which are included with the org.eclipse.higgins.selector.ui.gtk project. You may have to edit both scripts and adjust local paths before you can run them. Also, you have to change the line

cmake -G "Visual Studio 8 2005" ../..

... to ...

cmake -G "Visual Studio 9 2008" ../..

... depending on which version of MS Visual C++ you are using.

After these steps, you can run the configure_vs.bat script. This will create MS Visual C++ project files in the path build\vc relative to the org.eclipse.higgins.selector.ui.gtk project.

The main MS Visual C++ project file is identityselector.sln. You should be able to open this in MS Visual C++ and run a build.

If during the build you get the error "You appear to be building against the wrong version of OpenSSL", you need to do the following:

  1. In your OpenSSL installation (e.g. in C:\OpenSSL), open the file include\openssl\opensslconf.h.
  2. Change all occurrences of the string OPENSSL_SYSNAME_WIN64A to OPENSSL_SYSNAME_WIN32.
  3. Re-run the build.

After the build succeeds, in order to run the main executable bin\identityselector.exe, you need to manually assemble a directory structure as follows:

  • YOUR_DEPLOYMENT_DIRECTORY\: all files and sub-directories from build\vc\build\share\identityselector
  • YOUR_DEPLOYMENT_DIRECTORY\bin\: identityselector.exe and *.dll from build\vc\build\bin\Debug
  • YOUR_DEPLOYMENT_DIRECTORY\bin\: libssl32.dll, libeay32.dll and ssleay32.dll from your OpenSSL installation
  • YOUR_DEPLOYMENT_DIRECTORY\bin\: msvcm90d.dll, msvcp90d.dll, msvcr90d.dll and Microsoft.VC90.DebugCRT.manifest from your MS Visual C++ installation


Developer Perspective

Architecture

GTK-selector-1.1.120.png

(Diagram Key)

Components, Packages & Services

Components:

Packages:

Services:
