Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)

From: "Jim Sermersheim" <jimse@xxxxxxxxxx>
Date: Fri, 11 Aug 2006 18:15:08 -0600
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <http://eclipse.org/pipermail/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>

>>> Greg Byrd <gbyrd@xxxxxxxx> 8/11/06 1:07 PM >>>
>
>Yes, I (mostly) agree. (It's possible in some cases to detected this
>hijacking -- e.g., using the
>JAAS getSubject call -- but in general it's not possible. So passing
>IContext instances around
>should be avoided.)
>
>I looked through the API to see if there were places where we return an
>IContext:
>
>IContextFactory.createContext -- of course
>IDigitalSubject.getContext -- this is supposed to "return the Context
>that contains this DigSub"
>
>Should this second one return:
>(a) the actual Context instance that created this DigitalSubject object?
>(b) a new (unopened) Context instance?
>(c) a ContextRef?

Safest (and probably easiest to implement) would be a (c). (a) exposes the security risk, and (b) causes IDigitalSubject to act a bit like a context factory. I think (c) is manageable from a consumer's POV.

>We do have methods that return IDigitalSubjects, via
>SubjectRelationships. These DigitalSubjects
>may be from different contexts. Should the relationship instead return
>a reference to a DigitalSubject,
>as in ContextRef+CUID?

I mentioned (or meant to mention) this once before as something that seemed like it needed to change. IContext has relationships with other IContexts via their contextRef (extends hasRelationships<URI>), whereas IDigitalSubject extends hasRelationships<IDigitalSubject>. I prefer what you said above (IDigitalSubject having relationships to ContextRef+CUID pairs).

>In other words, if I follow a relationship from a Subject in my opened
>Context to a Subject that
>belongs to a different (unopened) Context, and then do getContext on
>that Subject, what should I get?

Right, and do you even get the DS back? I mean, without an open context, how is it obtained (using what identity for authN/authZ?)

>My opinion is that getSubject should return a ContextRef,

Typo? Do you mean "getContext should return a ContextRef"?

>and that
>SubjectRelationship should return
>Iterable<IDigitalSubjectRef>.

I still prefer the ContextRef+CUID pair.

Jim

Follow-Ups:
- [higgins-dev] What is a relationship? (was whoami (was [IdAS] Context open/close semantics))
  - From: Tom Doman
- Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)
  - From: Greg Byrd

References:
- [higgins-dev] [IdAS] Context open/close semantics
  - From: Greg Byrd
- Re: [higgins-dev] [IdAS] Context open/close semantics
  - From: Jim Sermersheim
- Re: [higgins-dev] [IdAS] Context open/close semantics
  - From: Greg Byrd
- Re: [higgins-dev] [IdAS] Context open/close semantics
  - From: Jim Sermersheim
- Re: [higgins-dev] [IdAS] Context open/close semantics
  - From: Greg Byrd
- [higgins-dev] whoami (was [IdAS] Context open/close semantics)
  - From: Jim Sermersheim
- Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)
  - From: Greg Byrd

Prev by Date: Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)
Next by Date: Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)
Previous by thread: Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)
Next by thread: Re: [higgins-dev] whoami (was [IdAS] Context open/close semantics)
Index(es):
- Date
- Thread

Breadcrumbs