Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Remember this Card Overview"
| Line 7: | Line 7: | ||
1. Workflow | 1. Workflow | ||
| − | + | STEP 1- user navigates to an RP site and see the log-in page in Figure 1 below. The user clicks on the button to log in with their information card: | |
Figure 1 – RP site log-in page | Figure 1 – RP site log-in page | ||
| Line 13: | Line 13: | ||
[[Image:remember1.PNG]] | [[Image:remember1.PNG]] | ||
| − | + | STEP 2 – once the user clicks the ‘use an information card’ icon the following system calls are made from the RP site: | |
*HBX intercepts OBJECTS with type=application/x-informationcard and reads object tag. | *HBX intercepts OBJECTS with type=application/x-informationcard and reads object tag. | ||
*HBX calls getTokenByUrl() method and posts xmlToken into the targetForm. If response is empty it calls getUI() method and pops up a card selector UI | *HBX calls getTokenByUrl() method and posts xmlToken into the targetForm. If response is empty it calls getUI() method and pops up a card selector UI | ||
| Line 21: | Line 21: | ||
Figure 2 – Card Selector opens up | Figure 2 – Card Selector opens up | ||
| + | |||
[[Image:remember2.PNG]] | [[Image:remember2.PNG]] | ||
| − | + | STEP 3 - In this case, the user would select the card (lets presume this is a card that has a PIN password protecting it), click the open check box (Always use this card at this site) and click the “Next” button on the selector. | |
Figure 3 – Selector PIN prompt | Figure 3 – Selector PIN prompt | ||
| + | |||
[[Image:remember3.PNG]] | [[Image:remember3.PNG]] | ||
| − | + | STEP 4 - The selector would then prompt the user to enter their PIN number to unlock the card (see Figure 3 below). After the user enters their PIN number and clicks the “Next” button the user would see the screen as shown in Figure 4 below. During this processing, the following back-end calls are made: | |
*HBX gets getTokenObject() method with parameters credentialKey=[…,’saveCard’,…] and credentialValue=[…,’true’,…] | *HBX gets getTokenObject() method with parameters credentialKey=[…,’saveCard’,…] and credentialValue=[…,’true’,…] | ||
*RPPS retrieves the token, then RPPS deletes old relation between site and card (RPPS calls deleteCardUrlRelation of UserProfileService) and creates a new relation between this RP site and this card (RPPS calls setCardUrlRelation of UserProfileService). | *RPPS retrieves the token, then RPPS deletes old relation between site and card (RPPS calls deleteCardUrlRelation of UserProfileService) and creates a new relation between this RP site and this card (RPPS calls setCardUrlRelation of UserProfileService). | ||
| Line 36: | Line 38: | ||
Figure 4 – Token processing for RP site login | Figure 4 – Token processing for RP site login | ||
| + | |||
[[Image:remember4.PNG]] | [[Image:remember4.PNG]] | ||
| − | + | STEP 5 – After the above processing the user then finds that they are successfully logged into the RP site. An example of this is shown in Figure 5 below. | |
Figure 5 - successful login | Figure 5 - successful login | ||
| + | |||
[[Image:remember5.PNG]] | [[Image:remember5.PNG]] | ||
| − | + | STEP 6 – if the user wants to ‘un-remember’ the card used for this specific RP site, they would open their Information Card Manager (ICM – see Figure 6 below). The user would select the specific information card of interest then click the Card History tab where they would see a list of which sites they had last used this selected information card. To ‘un-remember’ the card for a specific RP site, the user would just need to click the ‘don’t use’ button for the particular site to complete the ‘un-remember’ action. When the user performs this step the following back-end calls occur: | |
*ICM calls method deleteUrlsCardRelation() of RPPS | *ICM calls method deleteUrlsCardRelation() of RPPS | ||
*Method deleteUrlsCardRelation() deletes the relation between the selected card and any of the associated sites. This method call is run against the site/card relation information, which is stored in the url array. This array is a list of sites the user does NOT have ‘remember this card at this site’ enabled. | *Method deleteUrlsCardRelation() deletes the relation between the selected card and any of the associated sites. This method call is run against the site/card relation information, which is stored in the url array. This array is a list of sites the user does NOT have ‘remember this card at this site’ enabled. | ||
Figure 6 – ICM view showing the card history and ‘unremember’ button | Figure 6 – ICM view showing the card history and ‘unremember’ button | ||
| + | |||
[[Image:remember6.PNG]] | [[Image:remember6.PNG]] | ||
Revision as of 21:24, 29 January 2008
This page outlines the user flow and Higgins based technical interactions performed to support the ‘remember this card’ function implemented as a candidate feature on the Higgins web-based deployment. This document has two sections:
- Workflow – this outlines the basic flow with screen shots and method calls activated
- Logic flow – this is a logical representation of the outlined workflow
Prerequesites: User already has installed HBX and has cards that would meet claims of RP site.
1. Workflow
STEP 1- user navigates to an RP site and see the log-in page in Figure 1 below. The user clicks on the button to log in with their information card:
Figure 1 – RP site log-in page
STEP 2 – once the user clicks the ‘use an information card’ icon the following system calls are made from the RP site:
- HBX intercepts OBJECTS with type=application/x-informationcard and reads object tag.
- HBX calls getTokenByUrl() method and posts xmlToken into the targetForm. If response is empty it calls getUI() method and pops up a card selector UI
- Method getTokenByUrl() in turn finds any relation between this RP site and card by calling the getCardInformation(…,URL) method of UserProfileService. If it finds a “remembered” card, then it retrieves a token and returns it to HBX. Otherwise it returns an empty response.
The card selector displays all the cards that have claims that would match what the RP site is requesting (see Figure 2 below). User is prompted to select the card they want to use with this site. There is an optional checkbox on the selector that allows the user to enable the selected card to be used as the default log-in card for this specific RP site.
Figure 2 – Card Selector opens up
STEP 3 - In this case, the user would select the card (lets presume this is a card that has a PIN password protecting it), click the open check box (Always use this card at this site) and click the “Next” button on the selector.
Figure 3 – Selector PIN prompt
STEP 4 - The selector would then prompt the user to enter their PIN number to unlock the card (see Figure 3 below). After the user enters their PIN number and clicks the “Next” button the user would see the screen as shown in Figure 4 below. During this processing, the following back-end calls are made:
- HBX gets getTokenObject() method with parameters credentialKey=[…,’saveCard’,…] and credentialValue=[…,’true’,…]
- RPPS retrieves the token, then RPPS deletes old relation between site and card (RPPS calls deleteCardUrlRelation of UserProfileService) and creates a new relation between this RP site and this card (RPPS calls setCardUrlRelation of UserProfileService).
- HBX posts XML posts xmlToken into the targetForm.
Figure 4 – Token processing for RP site login
STEP 5 – After the above processing the user then finds that they are successfully logged into the RP site. An example of this is shown in Figure 5 below.
Figure 5 - successful login
STEP 6 – if the user wants to ‘un-remember’ the card used for this specific RP site, they would open their Information Card Manager (ICM – see Figure 6 below). The user would select the specific information card of interest then click the Card History tab where they would see a list of which sites they had last used this selected information card. To ‘un-remember’ the card for a specific RP site, the user would just need to click the ‘don’t use’ button for the particular site to complete the ‘un-remember’ action. When the user performs this step the following back-end calls occur:
- ICM calls method deleteUrlsCardRelation() of RPPS
- Method deleteUrlsCardRelation() deletes the relation between the selected card and any of the associated sites. This method call is run against the site/card relation information, which is stored in the url array. This array is a list of sites the user does NOT have ‘remember this card at this site’ enabled.
Figure 6 – ICM view showing the card history and ‘unremember’ button
2. Logical Flow:
a)IF user land on RP site AND clicks on ‘user and information card’ THEN
- HBX intercepts OBJECTS with type=application/x-informationcard and reads object tag.
- HBX calls getTokenByUrl() method and posts xmlToken into the targetForm. If response is empty it calls getUI() method and pops up a card selector UI
- Method getTokenByUrl() in turn finds any relation between this RP site and card by calling the getCardInformation(…,URL) method of UserProfileService. If it finds a “remembered” card, then it retrieves a token and returns it to HBX. Otherwise it returns an empty response.
END IF COMPONENTS CHANGED:
b)IF user selects ‘use an information card’ AND the the getCardInformation(…,URL) method of UserProfileService returns a ‘remembered’ card THEN
- It retrieves a token and returns it to HBX
ELSE
- It returns an empty response
END IF COMONENTS CHANGED: c) IF the user selects a PIN protected information card from card selector AND click the open check box “Always use this card at this site” AND user clicks the ‘Next’ button on selector THEN
- The selector would prompt the user to enter the PIN number to unlock the selected card
END IF COMPONENTS CHANGED d)IF user enters the PIN to unlock the selected card AND user clicks the “Next” button on card selector THEN
- HBX gets getTokenObject() method with parameters credentialKey=[…,’saveCard’,…] and credentialValue=[…,’true’,…]
- RPPS retrieves the token, then RPPS deletes old relation between site and card (RPPS calls deleteCardUrlRelation of UserProfileService) and creates a new relation between this RP site and this card (RPPS calls setCardUrlRelation of UserProfileService).
- HBX posts XML posts xmlToken into the targetForm.
- User is taken to a ‘successful log-in’ page.
END IF COMPONENTS CHANGED: e)IF user wants to un-remember the card used for this specific RP site THEN
- User would open their Information Card Manager (ICM), AND select the card of interest
- User would select the card history tab to view the list of which sites they had last used this selected information card.
END IF COMPONENTS CHANGED: f)IF the user selects the ‘don’t use’ button for the specific card and selected site combination THEN
- ICM calls method deleteUrlsCardRelation() of RPPS
- Method deleteUrlsCardRelation() deletes the relation between the selected card and any of the associated sites. This method call is run against the site/card relation information, which is stored in the url array. This array is a list of sites the user does NOT have ‘remember this card at this site’ enabled.
END IF