Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[higgins-dev] Re: M4 Architecture
Thanks Raj, that is my point also.  I would like to see that articulated in the picture as showing IdAS on top and CPI on bottom.
 
Paul, if you are not comfortable drawing another box, maybe we can put IdAS/CPI as the descriptor in the box, and I like to have Raj's description below listed there as an explanation.
 
-Baber

>>> Nataraj Nagaratnam < natarajn@xxxxxxxxxx > 4/1/2006 6:00 pm >>>
Thanks for bringing this to attention/discussion, Baber. I didn't realize
this change ...

One liner is my view is -- IdAS is the API, CPI is the SPI.

IdAS is a fundamental concept and important. That is what applications
(including STS, etc) will know and use .. for those who are not identity
provider savvy, all they need to know is the IdAS. If collaboration sites,
transaction applications, need to use Higgins and they ask us what to do
.. then we tell them that the programming model - IdAS is what you need
to know about. They do not need to worry about context providers. For
those site providers who need to participate in a given identity
metasystem, then CPI is a way for them to plug into that system. Thus, in
a framework provider model ... I see IdAS as the "API" that others
(applications including STS, or other apps that need identity info, etc)
can talk to. CPI is the pluggable "SPI" that allows providers to be
plugged into a metasystem and thus accesible through an IdAS.

-Raj

ps: i am using the term metasystem loosely here ;) .. to get the point
across about various contexts can be accessed through a system where those
contexts are 'registered' in some sense.




"Baber Amin" < baber@xxxxxxxxxx >
04/01/2006 07:17 PM

To
< higgins-dev@xxxxxxxxxxx >, "Tom Doman" < TDoman@xxxxxxxxxx >, Anthony
Nadalin/Austin/IBM@IBMUS
cc
"Duane Buss" < DBuss@xxxxxxxxxx >, "Dale Olds" < DOlds@xxxxxxxxxx >, "John
Calcote" < JCALCOTE@xxxxxxxxxx >, "Jim Sermersheim" < JIMSE@xxxxxxxxxx >,
"Juan Carlos Luciani" < JLUCIANI@xxxxxxxxxx >, "Pat Felsted"
< PFELSTED@xxxxxxxxxx >, "Igor Tsinman" < igor@xxxxxxxxxxxxx >, "Valery
Kokhan" < valery@xxxxxxxxxxxxx >, "'Mary Ruddy'" < mary@xxxxxxxxxxxxxxxxx >,
"Paul Trevithick" < paul@xxxxxxxxxxxxxxxxx >, "John Merrells"
< merrells@xxxxxxxx >, Michael McIntosh/Watson/IBM@IBMUS, Nataraj
Nagaratnam/Raleigh/IBM@IBMUS, "Jan Camenisch" < jca@xxxxxxxxxxxxxx >
Subject
M4 Architecture






Hi Folks, the picture at the URL below has renamed IDAS to Context
Provider Interface. They might perform the same function, but I feel
that we need to have IDAS with a very thin CPI layer under it for the
context providers to plug into.

I see IDAS as a major Higgins component to be used on back-end services
where we won't need anything above it. This is where IDAS and Higgins
act as a identity normalization layer. Having just a CPI there feels
empty. Even in the M4 picture, we see the top of CPI talking to STS.
Since an STS is not a context provider it should not be talking to that
interface, the top of the CPI should be IDAS.

Do you agree Paul?

Cheers
-Baber

http://spwiki.editme.com/ArchitectureM4
[attachment "higgins web integration 060315_1.JPG" deleted by Nataraj
Nagaratnam/Raleigh/IBM]

Back to the top