Not logged in : Login

About: http://ods-qa.openlinksw.com:8896/proxy-iri/05dd8e9ef1799f340a43f7ee2b7efbe24bb65324     Goto   Sponge   NotDistinct   Permalink

An Entity of Type : schema:DiscussionForumPosting, within Data Space : ods-qa.openlinksw.com:8896 associated with source document(s)

AttributesValues
type
datePublished
described by
author
  • JornWildt
position
  • #2
articleBody
  • This raises another question - in order to allow the web-app’s server to link the WebId with some internal account, the web-app/browser must be able to prove it’s WebId to the server. Unfortunately the server was never involved in the login process which is strictly confined to the browser and the web-app’s javascript code, so the server has no knowledge of that process. The web-app cannot simply POST it’s WebId to the server since anybody else would be able to do the same with any WebId they wanted. Neither can the web-app build a signed OpenID Connect token to POST as the signing key would be available to anyone that can read the javascript code. So how does the web-app / browser-javascript-code prove the WebId it received to the server it is served from? Is there any token of some sort the web-app can send to the server and allow it to validate it with the remove WebId identity provider?
interactionCount
  • UserComments:0
  • UserLikes:0
headline
  • Registering paying users for a web-app
is topic of
is container of of
is object of
is subject of
Faceted Search & Find service v1.17_git38 as of Aug 05 2019


Alternative Linked Data Documents: ODE     Content Formats:       RDF       ODATA       Microdata      About   
This material is Open Knowledge   W3C Semantic Web Technology [RDF Data] Valid XHTML + RDFa
OpenLink Virtuoso version 08.01.3307 as of May 21 2018, on Linux (x86_64-redhat-linux-gnu-ANALYTICS), Single-Server Edition (7 GB total memory)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2020 OpenLink Software