PHP Relying Party Sample - Documentation

PHP Relying Party Sample

IMPORTANT: This guide assumes that you are installing all the components of the Identity Solution in the same system, and that you try it out from the same system (i.e., we assume that everything is done within the localhost).

This sample demonstrates how the relying party Apache2 module (mod_cspace) can be used to enable CardSpace authentication on a PHP web application.

Requirements:

Please follow the instructions listed below:

Step 1: Setting up Apache2 Web Server with SSL/TLS and PHP

Please refer to the following web sites for information on installing Apache2 with SSL/TLS enabled:

NOTE: You do not have to generate your own keys; this sample provides the keys required. The keys directory contains three PEM-encoded files: server.key, server.crt, and cacert.crt, which are respectively the server private key, the server certificate (public key), and the certificate authority's certificate. The key configuration in your httpd.conf should look like the following:
SSLCertificateFile /usr/local/apache2/conf/keys/server.crt
SSLCertificateKeyFile /usr/local/apache2/conf/keys/server.key
SSLCACertificateFile /usr/local/apache2/conf/keys/cacert.crt

Step 2: Running the Token Verifier Service

Please follow the Identity Provider installation guide and install the Token Verifier Service. Since the Identity Provider by default adds localhost as a globally trusted relying party, no configuration is necessary there. (Please see the Identity Provider documentation for more information.)

Step 3: Installing the CardSpace Module and the Sample Web Application

Copy the mod_cspace.so file provided with the distribution to the modules directory of your Apache installation (usually /usr/lib/apache2/modules/). Copy the php-sample directory to the document root of your Apache2 installation.

Set the environment variable WSFC_HOME to point to the wsf-c directory inside the package extracted (i.e., the package which contained this sample).

Set the environment variable LD_LIBRARY_PATH to include the wsf-c/lib directory as well.

For instance, if your current working directory is where you have extracted the identity solution package:

% export WSFC_HOME=`pwd`/wsfc-id
% export LD_LIBRARY_PATH=${WSFC_HOME}/lib

Step 4: Configuring Apache2 (httpd.conf)

The following configuration should be added to the httpd.conf file of your Apache2 installation. Assuming that you have copied php-sample to the document root of your Apache2 installation, the configuration in your httpd.conf should be as follows:

LoadModule cspace_module modules/mod_cspace.so

<Location /php-sample/>
    UseCardSpaceAuth
    CardSpaceTVS http://localhost:12080/wsas/services/RelyingPartyService
</Location>
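
Before starting the server, the setup from Steps 1 to 4 can be checked with a short script. This is an added example, not part of the sample package: the function names are hypothetical, it reads only the directives shown in this guide, and the sample files it builds are constructed stand-ins.

```shell
# Pre-flight check for Steps 1-4 (added example; all function names are hypothetical).
conf_value() {    # conf_value <directive> <httpd.conf>: first argument of a directive
    awk -v d="$1" '$1 == d { print $2; exit }' "$2"
}
location_has() {  # location_has <path> <directive> <httpd.conf>
    awk -v p="$1" -v d="$2" '
        $1 == "<Location"   { inside = ($2 == p ">") }
        $1 == "</Location>" { inside = 0 }
        inside && $1 == d   { found = 1 }
        END { exit !found }' "$3"
}
note() { echo "FINDING: $*"; findings=$((findings + 1)); }
check_rp_setup() {  # prints findings; exit status is the number of findings
    conf=$1; findings=0
    grep -Eq '^[[:space:]]*LoadModule[[:space:]]+cspace_module[[:space:]]' "$conf" ||
        note "cspace_module is not loaded"
    for d in UseCardSpaceAuth CardSpaceTVS; do
        location_has /php-sample/ "$d" "$conf" || note "$d missing from <Location /php-sample/>"
    done
    # For the key file, characters 5-10 of the ls mode string are the group/other bits.
    for d in SSLCertificateFile SSLCertificateKeyFile SSLCACertificateFile; do
        f=$(conf_value "$d" "$conf")
        [ -n "$f" ] && [ -f "$f" ] || { note "$d does not name an existing file"; continue; }
        [ "$d" != SSLCertificateKeyFile ] || [ "$(ls -ld "$f" | cut -c5-10)" = "------" ] ||
            note "private key $f is accessible to group or others"
    done
    case ":$LD_LIBRARY_PATH:" in
        *":${WSFC_HOME:-unset}/lib:"*) ;;
        *) note "LD_LIBRARY_PATH does not include \$WSFC_HOME/lib" ;;
    esac
    return "$findings"
}

# Constructed sample: the directives from this guide, with empty stand-in key files.
write_sample() {  # write_sample <dir>
    for f in server.crt server.key cacert.crt; do : > "$1/$f"; done
    chmod 644 "$1/server.key"   # deliberately too open, so the check reports it
    cat > "$1/httpd.conf" <<EOF
SSLCertificateFile $1/server.crt
SSLCertificateKeyFile $1/server.key
SSLCACertificateFile $1/cacert.crt
LoadModule cspace_module modules/mod_cspace.so
<Location /php-sample/>
    UseCardSpaceAuth
    CardSpaceTVS http://localhost:12080/wsas/services/RelyingPartyService
</Location>
EOF
}
tmp=$(mktemp -d) && write_sample "$tmp"
check_rp_setup "$tmp/httpd.conf" || echo "$? finding(s)"; rm -rf "$tmp"
```

Run check_rp_setup against your real httpd.conf from the shell in which WSFC_HOME and LD_LIBRARY_PATH were exported, since the last check reads those variables from the current environment.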
IMPORTANT:

Step 5: Run Apache2 server and try logging in to the web app

Point your browser to the location where you installed the web application. If you followed this guide properly, it will be https://localhost/php-sample/. Now you can try out the sample PHP web application. IMPORTANT: