Skip to main content
Jump to: navigation, search

Difference between revisions of "Org.eclipse.higgins.rpps"

(UI Support)
(Support for Token-based RP Interaction Patterns)
Line 40: Line 40:
 
  // about the requester and the set of one or more selections that the user  
 
  // about the requester and the set of one or more selections that the user  
 
  // has just made in the [[ISS Web UI]] (see userInterfaceRequest)
 
  // has just made in the [[ISS Web UI]] (see userInterfaceRequest)
  // <? AND presuming that the protocol involved in interacting with the RPA
+
  // AND presuming that the protocol involved in interacting with the RPA
 
  // requires a security token, request the token that corresponds to the user's  
 
  // requires a security token, request the token that corresponds to the user's  
 
  // selection(s).  
 
  // selection(s).  
  // @param policy - the RP Agent's [[Relying Party Security Policy]]
+
  // @param Policy - the RP Agent's [[Relying Party Security Policy]]
  // @param requester - the RP Agent's identity information
+
  // @param Requester - the RP Agent's identity information
  // @param selections - the user-selected subset of the UIDs (handles)  
+
  // @param Selections - the user-selected subset of the UIDs (handles)  
 
  //  contained in the UserInterfaceResponse object returned from  
 
  //  contained in the UserInterfaceResponse object returned from  
 
  //  an earlier invocation of 'userInterfaceRequest'
 
  //  an earlier invocation of 'userInterfaceRequest'
  // @returns a TokenResponse that contains a ResponseURL <??> and a  
+
  // @returns a TokenResponse that contains a ResponseURL and a  
 
  //  Digital Identity token message
 
  //  Digital Identity token message
 +
// The ResponseURL indicates to the HBX client where the security token
 +
// should be sent (via, say, a POST method)
 +
//
 
  TokenResponse tokenRequest(Policy policy, Requester requester, Selections selections)
 
  TokenResponse tokenRequest(Policy policy, Requester requester, Selections selections)
 
   throws InvalidSelectionException, ProcessingErrorException
 
   throws InvalidSelectionException, ProcessingErrorException

Revision as of 07:37, 19 December 2006


Overview

Provides support for Higgins clients, including the Higgins Browser Extension.

UI Support

userInterfaceRequest

// This method takes as input a policy---for example, one that has been retrieved from the Relying 
// Party Agent (called here the 'Requester')---as well as a description of the 
// Requester. 
// 
// @param Policy
// @param Requester
// @returns UserInterfaceResponse
//  
// It returns a UserInterfaceResponse object which contains all of the
// information necessary to construct a user interface for identity 
// information selection and release. This object contains:
// - Identity information of the requester (including name, address, CA) if available
// - Privacy Policy Summary, i.e. a description of the Requester's privacy policy
// - Information about the user's previously selected options for this policy
// - Manual selection information (including per claim choices and recommendations 
//   and images) necessary to display a set of card icons as well as their 
//   contained claims
// - warnings about this policy and/or this Requester, e.g. FirstVisitWarning, UntrustedSSLCertificateWarning
// - and UIDs for each selectable entry (these are handles to the card icons 
//   and/or individual claims used in 'tokenRequest'
//
// The UserInterfaceResponse object should contain all information necessary to display
// both the Cardspace ceremony and other interface paradigms to be developed in the future 
//
UserInterfaceResponse userInterfaceRequest(Policy, Requester)
  throws InvalidPolicyFormatException, UnsupportProtocolException,
  UnsatisfiablePolicyException

Support for Token-based RP Interaction Patterns

tokenRequest

// Given the Relying Party Agent (aka 'Requester')'s policy, identity information
// about the requester and the set of one or more selections that the user 
// has just made in the ISS Web UI (see userInterfaceRequest)
// AND presuming that the protocol involved in interacting with the RPA
// requires a security token, request the token that corresponds to the user's 
// selection(s). 
// @param Policy - the RP Agent's Relying Party Security Policy
// @param Requester - the RP Agent's identity information
// @param Selections - the user-selected subset of the UIDs (handles) 
//   contained in the UserInterfaceResponse object returned from 
//   an earlier invocation of 'userInterfaceRequest'
// @returns a TokenResponse that contains a ResponseURL  and a 
//   Digital Identity token message
// The ResponseURL indicates to the HBX client where the security token
// should be sent (via, say, a POST method)
//
TokenResponse tokenRequest(Policy policy, Requester requester, Selections selections)
  throws InvalidSelectionException, ProcessingErrorException

Connection to Higgins Client

  • Create a new account on the Higgins service registered to the client (e.g. HBX)
  • Verification of HBX authentication
  • Returns the Terms of Service of the Higgins service (human readable text document)

HTML form filling

getFormFillingScript

If there is a form filling script for the web page currently open in the browser, retreive data from the appropriate I-Card, and pass this data along with the script the client (e.g. HBX) so that the client can fill in forms on that page

/**
 * Gets a form filling script for the specified site&user
 * @param page the browser's current URL
 * @param username the user name
 * @param form the HTML form name
 * @return a form filling script
 */
public String getFormFillingScript(String page, String username, String form) 
  throws java.rmi.RemoteException;

HTML Scraping

getHtmlScrapingScript

If there is an HTML scraping script for the current page, return it to the client (e.g. to HBX) for interpretation/execution.

/**
 * Gets an HTML scraping script for the specified page
 * @param page the URL of page to scrape
 * @return an HTML scraping script
 */
public String getHtmlScrapingScript(String page) throws java.rmi.RemoteException;

setHtmlScrapingScript

The one client (HBX) among the others (?it needs to specify which one?) captures/generates the HTML script from/for the site and then saves it into the server for the further using.

/**
 * Sets an HTML scraping script for the specified site
 * @param host the site url
 * @param script the script body
 */ 
public String setHtmlScrapingScript(String host, String script) throws java.rmi.RemoteException;

RSS+SSE Support

  • Acquire a card
// acquire the RSS feed from the RP site and then 
// create a new (site-specific) I-Card whose attributes are defined in the feed
acquireICard(String subscribeURL)
  • Create an RSS-SSE feed that publishes the minimal subset of attributes required/supported by the RP site from the appropriate I-Card. If available, subscribe to a reverse RSS-SSE feed and use the data to update the a site-specific Card I-Card.

OpenID 2.0 Support

  • <to be written>

Sign-on Confirmation Notify

// Locate the URIICard-type I-Card whose URI matches 'cref'. If no such 
// card exists, create it. Find the Digital Subject whose unique identifier 
// is 'cuid'. On the uniqueIdentifier attribute value itself: 
// (1) if 'success' is true, add/update to "now" the
//   the lastVerifiedFromSource metadata property's timestamp and
// (2) add/update the lastVerifiedAttempt metadata property's timestamp
//   to "now".
void connectionNotify(ContextRef cref, String cuid, boolean success)
  • The Higgins browser extension invokes this method after it has attempted to use the username 'cuid' at the website 'cref' with the password (retrieved from the browser's password manager) along with a HTML scraping script retrieved from RP Protocol Support to sign in to this site.

See Also

Back to the top