This is a playground for FOAF+SSL integration in XWiki.
WebId's are so simple to make and to use, that it is difficult to explain. The following screen cast does this better than any HOWTO could:
With foaf+ssl, you no longer need to type a username or remember a password. Public Key Cryptography takes care of that. As Dan Kaminsky pointed out in a few of his speeches, the major security problem on the web are passwords. 60% of security breaches can be attributed to them. Why are they still so ubiquitous? Because the only secure contender, SSL - the protocol that gave us online shopping - and X.509 were too expensive and complex for end users. But this need to be so. By tying X.509 to the semantic web, we solve the major problem of cost, and introduce powerful flexibility. On the server side DNSsec will solve the other half of the problem. See the recent thread on the foaf-protocols list.
Currently you can get yourself an account on here, the normal way, then create yourself a WebID.
HOWTO
Create an account here with a password
On your profile page create a WebId: just click the "create certificate request" button and a certificate will be added to your browser (likely need to restart your browser)
You can then login to a growing number of sites with one click. No more username or password to type!
The idea is that you only need one account (though you can have a few) to login to all other sites. Ideally this account would be on a server you control.
Features
When you get yourself a WebId you automatically get an OpenId too that uses foaf+ssl authentication via http://openid4.me/ . The openid is a bit ugly for the moment (it is too long). Making it shorter is on the todo list below.
Todo
of course the certificates created here should be created behind https in order to avoid a man in the middle attack in the certificate generation process (given that WebIds are not being used for anything much this is not an urgent issue - but of course people will point this out)
Looking for ways to simplify IE cert creation!!! Please let us know of any cool tricks you may know of.
Build a component that can be added to XWiki or Restlets so as to not require an external IDP (this will require support for https though)
Add Access Controls to parts of this wiki for members of given foaf:Groups
[enter your idea]
Web site Issues
XWiki deploys profiles in RDFa, which is still very new. A lot of the foaf+ssl community is just moving over to supporting that, so a number of sites will seem broken when attaching from here.
The Cheese Lover's club is not functioning
Ontowiki's login feedback is way too minimal for the moment
Browser issues
None of the browsers are good at showing the user which cert he is using. But developments are on their way:
Safari on OSX has the same issue as Chrome above, but it is very difficult to get any response from their developers through their bug database. If you know how to bring their attention please do.
This is a wiki, ie an easy-to-edit website that will help you work better together. This Wiki is made of pages sorted by spaces. You're currently in the Main space, looking at its home page (WebHome).
Failed to execute the [velocity] macro. Cause: [The execution of the [velocity] script macro is not allowed in [webid:Main.Dashboard]. Check the rights of its last author or the parameters if it's rendered from another script.]. Click on this message for details.
org.xwiki.rendering.macro.MacroExecutionException: The execution of the [velocity] script macro is not allowed in [webid:Main.Dashboard]. Check the rights of its last author or the parameters if it's rendered from another script. at org.xwiki.rendering.macro.script.AbstractScriptMacro.execute(AbstractScriptMacro.java:178) at org.xwiki.rendering.macro.script.AbstractScriptMacro.execute(AbstractScriptMacro.java:58) at org.xwiki.rendering.internal.transformation.macro.MacroTransformation.transform(MacroTransformation.java:311) at org.xwiki.rendering.internal.transformation.DefaultRenderingContext.transformInContext(DefaultRenderingContext.java:183) at org.xwiki.rendering.internal.transformation.DefaultTransformationManager.performTransformations(DefaultTransformationManager.java:88) at org.xwiki.rendering.internal.macro.include.IncludeMacro.lambda$execute$0(IncludeMacro.java:207) at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98) at org.xwiki.rendering.internal.macro.include.IncludeMacro.execute(IncludeMacro.java:206) at org.xwiki.rendering.internal.macro.include.IncludeMacro.execute(IncludeMacro.java:59) at org.xwiki.rendering.internal.transformation.macro.MacroTransformation.transform(MacroTransformation.java:311) at org.xwiki.rendering.internal.transformation.DefaultRenderingContext.transformInContext(DefaultRenderingContext.java:183) at org.xwiki.rendering.internal.transformation.DefaultTransformationManager.performTransformations(DefaultTransformationManager.java:88) at org.xwiki.display.internal.DocumentContentAsyncExecutor.executeInCurrentExecutionContext(DocumentContentAsyncExecutor.java:396) at org.xwiki.display.internal.DocumentContentAsyncExecutor.execute(DocumentContentAsyncExecutor.java:269) at org.xwiki.display.internal.DocumentContentAsyncRenderer.execute(DocumentContentAsyncRenderer.java:112) at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.render(AbstractBlockAsyncRenderer.java:157) at org.xwiki.rendering.async.internal.block.AbstractBlockAsyncRenderer.render(AbstractBlockAsyncRenderer.java:54) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.syncRender(DefaultAsyncRendererExecutor.java:290) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.render(DefaultAsyncRendererExecutor.java:267) at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.execute(DefaultBlockAsyncRendererExecutor.java:125) at org.xwiki.display.internal.DocumentContentDisplayer.display(DocumentContentDisplayer.java:67) at org.xwiki.display.internal.DocumentContentDisplayer.display(DocumentContentDisplayer.java:43) at org.xwiki.display.internal.DefaultDocumentDisplayer.display(DefaultDocumentDisplayer.java:96) at org.xwiki.display.internal.DefaultDocumentDisplayer.display(DefaultDocumentDisplayer.java:39) at org.xwiki.sheet.internal.SheetDocumentDisplayer.display(SheetDocumentDisplayer.java:123) at org.xwiki.sheet.internal.SheetDocumentDisplayer.display(SheetDocumentDisplayer.java:52) at org.xwiki.display.internal.ConfiguredDocumentDisplayer.display(ConfiguredDocumentDisplayer.java:68) at org.xwiki.display.internal.ConfiguredDocumentDisplayer.display(ConfiguredDocumentDisplayer.java:42) at com.xpn.xwiki.doc.XWikiDocument.display(XWikiDocument.java:1388) at com.xpn.xwiki.doc.XWikiDocument.getRenderedContent(XWikiDocument.java:1524) at com.xpn.xwiki.doc.XWikiDocument.displayDocument(XWikiDocument.java:1474) at com.xpn.xwiki.doc.XWikiDocument.displayDocument(XWikiDocument.java:1443) at com.xpn.xwiki.api.Document.displayDocument(Document.java:788) at jdk.internal.reflect.GeneratedMethodAccessor7834.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.base/java.lang.reflect.Method.invoke(Unknown Source) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:571) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:554) at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:221) at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:368) at org.apache.velocity.runtime.parser.node.ASTReference.value(ASTReference.java:704) at org.apache.velocity.runtime.parser.node.ASTExpression.value(ASTExpression.java:75) at org.apache.velocity.runtime.parser.node.ASTSetDirective.render(ASTSetDirective.java:242) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:147) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:439) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:190) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:147) at org.xwiki.velocity.internal.directive.TryCatchDirective.render(TryCatchDirective.java:86) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:304) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:439) at org.apache.velocity.Template.merge(Template.java:358) at org.apache.velocity.Template.merge(Template.java:262) at org.xwiki.velocity.internal.InternalVelocityEngine.evaluate(InternalVelocityEngine.java:225) at com.xpn.xwiki.internal.template.VelocityTemplateEvaluator.evaluateContent(VelocityTemplateEvaluator.java:105) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.evaluateContent(TemplateAsyncRenderer.java:219) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.renderVelocity(TemplateAsyncRenderer.java:174) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.render(TemplateAsyncRenderer.java:135) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.render(TemplateAsyncRenderer.java:54) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.lambda$syncRender$0(DefaultAsyncRendererExecutor.java:284) at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.syncRender(DefaultAsyncRendererExecutor.java:284) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.render(DefaultAsyncRendererExecutor.java:267) at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.render(DefaultBlockAsyncRendererExecutor.java:154) at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:904) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:866) at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:853) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderNoException(InternalTemplateManager.java:808) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderNoException(InternalTemplateManager.java:800) at com.xpn.xwiki.internal.template.DefaultTemplateManager.renderNoException(DefaultTemplateManager.java:79) at com.xpn.xwiki.internal.template.DefaultTemplateManager.renderNoException(DefaultTemplateManager.java:73) at org.xwiki.template.script.TemplateScriptService.render(TemplateScriptService.java:54) at jdk.internal.reflect.GeneratedMethodAccessor7616.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.base/java.lang.reflect.Method.invoke(Unknown Source) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:571) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:554) at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:221) at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:368) at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:492) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:147) at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:218) at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:331) at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:261) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:304) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:439) at org.apache.velocity.Template.merge(Template.java:358) at org.apache.velocity.Template.merge(Template.java:262) at org.xwiki.velocity.internal.InternalVelocityEngine.evaluate(InternalVelocityEngine.java:225) at com.xpn.xwiki.internal.template.VelocityTemplateEvaluator.evaluateContent(VelocityTemplateEvaluator.java:105) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.evaluateContent(TemplateAsyncRenderer.java:219) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.renderVelocity(TemplateAsyncRenderer.java:174) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.render(TemplateAsyncRenderer.java:135) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.render(TemplateAsyncRenderer.java:54) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.lambda$syncRender$0(DefaultAsyncRendererExecutor.java:284) at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.syncRender(DefaultAsyncRendererExecutor.java:284) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.render(DefaultAsyncRendererExecutor.java:267) at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.render(DefaultBlockAsyncRendererExecutor.java:154) at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:904) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:866) at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:853) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderNoException(InternalTemplateManager.java:808) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderNoException(InternalTemplateManager.java:800) at com.xpn.xwiki.internal.template.DefaultTemplateManager.renderNoException(DefaultTemplateManager.java:79) at com.xpn.xwiki.internal.template.DefaultTemplateManager.renderNoException(DefaultTemplateManager.java:73) at org.xwiki.template.script.TemplateScriptService.render(TemplateScriptService.java:54) at jdk.internal.reflect.GeneratedMethodAccessor7616.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.base/java.lang.reflect.Method.invoke(Unknown Source) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.doInvoke(UberspectImpl.java:571) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:554) at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:221) at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:368) at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:492) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:147) at org.apache.velocity.runtime.directive.VelocimacroProxy.render(VelocimacroProxy.java:218) at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:331) at org.apache.velocity.runtime.directive.RuntimeMacro.render(RuntimeMacro.java:261) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:304) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:147) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:171) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:147) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:439) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:190) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:439) at org.apache.velocity.Template.merge(Template.java:358) at org.apache.velocity.Template.merge(Template.java:262) at org.xwiki.velocity.internal.InternalVelocityEngine.evaluate(InternalVelocityEngine.java:225) at com.xpn.xwiki.internal.template.VelocityTemplateEvaluator.evaluateContent(VelocityTemplateEvaluator.java:105) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.evaluateContent(TemplateAsyncRenderer.java:219) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.renderVelocity(TemplateAsyncRenderer.java:174) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.render(TemplateAsyncRenderer.java:135) at com.xpn.xwiki.internal.template.TemplateAsyncRenderer.render(TemplateAsyncRenderer.java:54) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.lambda$syncRender$0(DefaultAsyncRendererExecutor.java:284) at com.xpn.xwiki.internal.security.authorization.DefaultAuthorExecutor.call(DefaultAuthorExecutor.java:98) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.syncRender(DefaultAsyncRendererExecutor.java:284) at org.xwiki.rendering.async.internal.DefaultAsyncRendererExecutor.render(DefaultAsyncRendererExecutor.java:267) at org.xwiki.rendering.async.internal.block.DefaultBlockAsyncRendererExecutor.render(DefaultBlockAsyncRendererExecutor.java:154) at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:904) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:866) at com.xpn.xwiki.internal.template.InternalTemplateManager.renderFromSkin(InternalTemplateManager.java:846) at com.xpn.xwiki.internal.template.InternalTemplateManager.render(InternalTemplateManager.java:832) at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:91) at com.xpn.xwiki.internal.template.DefaultTemplateManager.render(DefaultTemplateManager.java:85) at com.xpn.xwiki.XWiki.evaluateTemplate(XWiki.java:2564) at com.xpn.xwiki.web.Utils.parseTemplate(Utils.java:180) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:651) at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:339) at com.xpn.xwiki.web.LegacyActionServlet.service(LegacyActionServlet.java:108) at javax.servlet.http.HttpServlet.service(HttpServlet.java:733) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:122) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.xwiki.wysiwyg.filter.ConversionFilter.doFilter(ConversionFilter.java:61) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:132) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:117) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:354) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:888) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1684) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Unknown Source)
Error