Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
RCP Selector 1.0
This page describes the RCP Selector 1.0 solution that is part of Higgins 1.0. Note: This solution is not part of Higgins 1.1 and thus not supported as part of any Higgins 1.1 milestone builds.
Contents
Introduction
This solution provides a Eclipse RCP based program which can be installed into end-user desktop machines. This program consists of the complete Higgins infrastructure stuffs (refer to the architecture section), as well as a Eclipse Form based I-Card selector, in order to give end-user a more secure way to manage i-cards, and a rich and friendly card selection user-experience.
The solution program runs on end-user desktop machine as a daemon process, and provides browser integration function (Now we only provide an IE based solution, see the following sections) by default. On Windows platform, the browser integration code will give end-user a chance to select Microsoft CardSpace or Higgins as their default i-card management and selection program. The solution program also provide integration interface to other applications (e.g. Java application) through different ways.
How it works:
- The RCP program workes on the i-cards that you have stored in a .crds file (the card store backup formate in Microsoft CardSpace). When the program first run, you can use a default card store, or other card store file. You need to put your password to access such file.
- After that, the program launches a card manager UI, where you can manage the I-Cards s/he has. The user can minimize the program as to the system tray, and start it at any time s/he wants by click the system tray icon.
- The program also opens a socket to listen to the HBX requests. When user submit a info-card form in IE, the browser extension intercept the action, collect the policy string, and send the string to the RCP program through the socket.
- The RCP program then launch the RCP based I-Card selector UI, and user can use and send card in this UI. Here User can not shift to other applications, as the I-Card selector UI will cover the desktop with a half-transparent mask, and only the I-Card selector workbench is active.
- Once the RCP program receives the security token from STS, it send the token to HBX through the socket connection.
- HBX then send out the security token to the RP site.
Note: The HBX component referred to above is the Higgins Browser Extension for IE7 not Higgins Browser Extension for Firefox.
End-User Perspective
Functionality
This program contains two parts of function: i-card management, and i-card selection.
Based on the secure storage component, this program provides a rich user interface to manage the i-cards. I-cards are stored in a card store file, (with ext .crds), which is encrypted and protected by password. When you first startup the program, you are required to select an existing card store file, and enter it's password. You can also create new card store file.
After you entered the correct password of a card store file, the i-card manager UI startup, and here you can view all of the cards inside the current store file. You can create a new personal i-card, import a managed i-card, backup the selected i-cards, restore i-cards from a card store file, or delete i-cards. The program provides user friendly GUI for you to do so.
The GUI may be modified in later development.
The card selector UI is invoked by the Web browser (currently we only support IE), where all of the i-cards that are filtered by the relying party policy are presented, and the relying party site's information is also listed here. The end-user can select one card according to the information, and then input the identity provider credential, if necessary. Finially the selector fetches the security token from the identity provider, and posts to the relying party.
The GUI may be modified in later development.
Setup
This solution is a desktop program, so it will provide a installer program in the future. For Windows system, the installer program do the following things:
- Put the IE or Firefox plugins into the specific folder, register the DLL file, and then modify the Windows system registry for the IE plugin.
- Put the Eclipse RCP application into the specific folder.
- Created the RCP startup properties file
Deployer Perspective
Deploying
The section describes the deployment status (without the installer program).
- Get the following binary packages:
- The Eclipse RCP program binary package. Refer to the "Building" section for how to create this package by source code.
- The Higgins browser extension for IE. This is a dll file, also refer to the "Building" section for how to create this dll file for Windows.
- Deploy the default card store file.
- If you have a *.crds file, you need to rename it as "cardstore.crds" and put it into [User Home]\.higgins\.icard\.
- For Windows XP system, the [User Home] should be C:\Document and Settings\[User account].
- If you have a *.crds file, you need to rename it as "cardstore.crds" and put it into [User Home]\.higgins\.icard\.
- Deploy the Higgins browser extension for IE.
- Open a command-line window.
- Execute regsvr32 hbxie.dll, you will see a message box pop-up reporting the dll has been regstered successfully.
- Open Windows register editor, find this item:
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-informationCard
- Change the "CLS_ID" to the following value:
- {EF0EA349-971F-4C32-939D-1F9CBBC2A596}
- Copy a "startup.jar" into the "eclipse" folder of your Eclipse RCP package, and start the RCP program by the following command line:
- java -cp startup.jar org.eclipse.core.launcher.Main -application org.eclipse.higgins.crpps.application -debug -console -consolelog
Configuration
- The identity provider configuration folder locates inside the project
- org.eclipse.higgins.crpps/Configuration
- You can also manage the default card store location by menu item.
- [Window]-[Preferences]
Developer Perspective
Architecture
Building
This section describes the steps a developer would use to build deployable artifacts.