Basic WWPass authentication
- You have a web server with PHP support and MySQL database server. We have tested the application on what is called "LAMP" configuration (Linux/Apache/MySQL/PHP) - Linux Ubuntu 12.04.
- You have registered your site and got WWPass Service Provider credentials (certificate and private key). If your site has the URL of "mysite.com" and you follow the recommended file naming when obtaining SP credentials, the files will be named as mysite.com.crt (for certificate) and mysite.com.key (for private key). WWPass CA certificate should also be downloaded and made accessible to our application. If you have root access to your computer, then /etc/ssl is appropriate place to store the certificates and the key.
- You have created a database, accessible from your Web server. Let us call it "wwpass_puid_db". Let the database user be "wwpass_puid_db_user" with password "wwpass_puid_db_password".
First, create a table in the "wwpass_puid_db" database:
Next, we assume the following directory structure for the application:
index.php file is the application code.
The code intentionally lacks error checking for the sake of simplicity and clarity.
Code content is a follows:
Code examples in red must be changed to reflect your web application
The example code determines what the behavior of your web application should be based on the following three scenarios:
- WWPass Key is authenticated for the first time and the user does not already have an account with your site, start registering new user.
- WWPass Key is authenticated for the first time and the user already has an account with your site, update the database, set the appropriate session variable and proceed.
- WWPass Key is already linked to a user account. Simply set the appropriate session variable and proceed.
The details of handling these scenarios may be different. It all depends on what sort of web application you have. For example you may just automatically register a new user without asking anything.
Congratulations, your site is now WWPass-enabled.