WebID Express/Connect middleware

WebID middleware for express/connect

A WebID authentication middleware module for express/connect applications.

See also:

Example code:

var expressWebId = require('express-webid'); var options = {'getCertificateCallback': expressWebId.getCertificateFromConnection, 'defaultAgent': ''}; app.use(expressWebId.login(options));

This code registers the middleware to the express application. The certificate will be read from the connection. If the authentication fails the agent will be used for the session.

Returns the middleware function. The following options are accepted:

  • getCertificateCallback The function which should be used to fetch the certificate (default: getCertificateFromConnection)
  • defaultAgent The default agent if the authentication process fails (default: '_:anonymous')
  • doRenegotiation Use renegotiation to ask for a certificate (currently not supported by Node.js, default: false)

Returns the certificate bind to the connection.

Returns the certificate from the header field ssl_client_cert. This should be used only for applications behind reverse proxies! Currently this is the only workaround to use renegotiation for a single resource.

Example Apache configuration:

<Location /login-webid>
  SSLOptions +ExportCertData
  SSLVerifyClient optional_no_ca

  # clear header field -> prevent injection!
  RequestHeader set SSL_CLIENT_CERT ""
  RequestHeader set SSL_CLIENT_CERT "%{SSL_CLIENT_CERT}s"