[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [higgins-dev] Proposed change to IdAS
|
Shouldn't cause any problems for anyone. Regardless of the idiosyncracy of JNDI and operational attributes, it was discussed long ago that we'd want the ability to limit what attributes come back for a given DigitalSubject, especially given that some DigitalSubject may be composed of thousands of attributes. Why waste the time and memory space if we're only interested in a very small and known number of them as is the case with the STS.
Tom
>>> "Jim Sermersheim" <jimse@xxxxxxxxxx> 11/29/2006 4:59 PM >>>
While integrating code for the demo, we found that we needed to allow an IdAS consumer to specify a list of attributes to fetch when calling IContext.getDigitalSubject.
As it turns out, the JNDI provider requires certain types of attributes (in LDAP called "operational attributes") to be fetched if asked for by name. There's no way (with JNDI) to fetch "all operational attributes".
So locally, I've added IContext.getSubject(String cuid, Iterable<URI> attrSelectionList) where attrSelectionList is a list of attribute types that the consumer expects to read from the resulting IDigitalSubject. I just wanted to see if this causes any problems before I committed it.
Jim
