Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Solutions/RCP Selector Solution
Contents
Introduction
This solution provides a Eclipse RCP based program which can be installed into end-user desktop machines. This program consists of the complete Higgins infrastructure stuffs (refer to the architecture section), as well as a SWT/JFace based I-Card selector, in order to give end-user a more secure way to manage i-cards, and a rich and friendly user experience of i-card selection.
The solution program runs on end-user desktop machine as a daemon process, and provides browser integration function (see the following sections) by default. On Windows platform, the intgration code will give end-user a chance to select Microsoft CardSpace or Higgins as their default i-card management and selection program. The solution program also provide integration interface to other applications (e.g. Java application) through different ways.
How it works:
- When the program first run, it launches a card manager UI, where the user can manage the I-Cards s/he has. The user can minimize the program as a system tray, and start it at any time s/he wants. The program also opens a socket to listen to the HBX requests.
- When user submit a info-card form in IE, the HBX intercept the action, collect the policy string, and send the string to the RCP program through the socket.
- The RCP program then launch the RCP based I-Card selector UI, and user can use and send card in this UI. Here User can not shift to other applications, as the I-Card selector UI will cover the desktop with a half-transparent mask, and only the I-Card selector workbench is active.
- Once the RCP program receives the security token from STS, it send the token to HBX through the socket connection.
- HBX then send out the security token to the RP site.
Note: The HBX component referred to above is the Higgins Browser Extension for IE7 not Higgins Browser Extension for Firefox.
End-User Perspective
Functionality
This program contains two parts of function: i-card management, and i-card selection.
Based on the secure storage component, this program provides a rich user interface to manage the i-cards. I-cards are stored in a card store file, (with ext .crds), which is encrypted and protected by password. When you first startup the program, you are required to select an existing card store file, and enter it's password. You can also create new card store file.
After you entered the correct password of a card store file, the i-card manager UI startup, and here you can view all of the cards inside the current store file. You can create a new personal i-card, import a managed i-card, backup the selected i-cards, restore i-cards from a card store file, or delete i-cards. The program provides user friendly GUI for you to do so.
The main GUI figure for the card manager functionality, (the GUI may be modified in later development).
The card selector UI is invoked by the Web browser (currently we only support IE), where all of the i-cards that are filtered by the relying party policy are presented, and the relying party site's information is also listed here. The end-user can select one card according to the information, and then input the identity provider credential, if necessary. Finially the selector fetches the security token from the identity provider, and posts to the relying party.
Setup
The solution will provide a install program in the future.
Deployer Perspective
You can check out the following project from Eclipse SVN:
- Configuration
- org.eclipse.higgins.configuration.api
- org.eclipse.higgins.configuration.common
- org.eclipse.higgins.configuration.xml
- org.eclipse.higgins.configuration.xrds
- ICard and selector service
org.eclipse.higgins.iss org.eclipse.higgins.iss.cardspace org.eclipse.higgins.icard org.eclipse.higgins.icard.common org.eclipse.higgins.icard.registry org.eclipse.higgins.icard.provider.cardspace.common org.eclipse.higgins.icard.provider.cardspace.managed org.eclipse.higgins.icard.provider.cardspace.managed.xml org.eclipse.higgins.icard.provider.securestorage IdAS org.eclipse.higgins.idas.api org.eclipse.higgins.idas.spi org.eclipse.higgins.idas.common org.eclipse.higgins.idas.registry STS org.eclipse.higgins.sts.api org.eclipse.higgins.sts.spi org.eclipse.higgins.sts.xmlsecurity.apache org.eclipse.higgins.sts.base64.apache org.eclipse.higgins.sts.binding.axis1x.client org.eclipse.higgins.sts.binding.axis1x.common org.eclipse.higgins.sts.client org.eclipse.higgins.sts.common org.eclipse.higgins.sts.server.mapper.appliesto org.eclipse.higgins.sts.server.mapper.extension org.eclipse.higgins.sts.server.mapper.polling org.eclipse.higgins.sts.server.metadata org.eclipse.higgins.sts.server.token.alf org.eclipse.higgins.sts.server.token.compound org.eclipse.higgins.sts.server.token.encrypt org.eclipse.higgins.sts.server.token.handler org.eclipse.higgins.sts.server.token.identity org.eclipse.higgins.sts.server.token.saml org.eclipse.higgins.sts.server.token.self org.eclipse.higgins.sts.server.token.trust Misc and Utils org.eclipse.higgins.dependencies.redistributable org.eclipse.higgins.message org.eclipse.higgins.registry org.eclipse.higgins.rsse org.eclipse.higgins.util.jscript
Download
<..how to obtain the .WAR, .jar, etc.>
Deploying
<..how to deploy a complete working solution>
Configuration
<..configuration files, options, etc.>
Developer Perspective
<links to one or more pages to describe...>
Architecture
<..[flow diagrams]>
<..list of components used>
Building
<..how to get the source>
<..how to build executables (jars, wars, exes, etc)>