[higgins-dev] Notes from December 14 Higgins call

*** Action items at the bottom ***

Attendees
---------
- Mary, Paul, Heather, Dale, Abhi, Jeff, Tom, Valery, Daniel, Greg, Tony,
Uppili, Gerry, Andy

Discussion
==========

1. Paul: Review of a new IdAS Registry / Configuration proposal (see
http://wiki.eclipse.org/index.php/IdAS_Registry_and_Configuration )
------------------------------------------------------------------
- canConnect semantics: it needs to reply whether the backing data exists.
It is an impl decision as to whether it actually connects then or later with
the 'open' call.
- We think we want f.getConfigPropNames() to have required and optional
properties
- canCreate vs. canConnect -- they are different
- flow 1a: create (if new) or 1b: connect (if not new), then 2: open
- Jim: should we really have two separate methods? Why not overload connect?

- Tom: would like to see a sample context provider pseudo-code
- Jim: what defines a context as being unique is its contextref AND config
data?
- Jim: for one factory provider you'd only ever have one Context for a given
ContextRef.
- Greg: should we allow more than one instance of Context with same
ContextRef?
- Greg: we must allow multiple Context instances (cuz you could have opened
with different DIs)
- Paul: agreed

2. Mary: Eclipse approval of 3rd party libraries; process in general
--------------------------------------------------------------------
- Mary: we have a number of items in the queue: first item is Jena stuff, so
it seems we're at the top of the queue. The next is the LDAP context
provider. Tom and Mary have been discussing. Tom is looking into getting
into a couple of code pieces dual licensed under EPL. Next on the list is
OpenID. The recommended libraries are from Sxip. We're asking if Sxip will
allow binary redistribution. Final one is the I-Card Manager component, most
of its libs are Apache 2.0

3. Paul: review of attached diagram v33d-draft
----------------------------------------------
  - added ContextFactory Config Data per IdAS registry/config
  - reverted to more layered approach: esp: Token Provider OVER IdAS
  - temp. added latest APIs -getDIs(), etc. at left [for discussion only]
  - added "Remote Token Service" to underscore local vs. remote STSes
  - added "Context Attribute Data Source" to emphasize CPs are adapters
  - removed ISS Web UI from the picture (since it's part of HBX anyway)
  - moved ISS Client UI up to be a peer of RP Protocol Support
  - added a blue wire from ISS to Token Service (required for idemix)

- Uppili: does I-Card Manager really need a connection down to the IdAS
(could it not just layer over the I-Card Registry)? 
- Paul: hmmm...let me think about this, you may be right.

4. Paul+Abhi: Walkthrough of auth flow: HBX -> RPPS -> ISS etc, including
discussion of Abhi's proposal (see
http://wiki.eclipse.org/index.php/PolicyFactory_Interface) 
----------------------------------------------------------
- Abhi: ISS will have a simple CardSpace policy class
- Abhi: It will also have more complex policy class for handling idemix
policies

5. Supporting CardSpace personal cards
--------------------------------------
- Daniel: (this is related to CardSpace interop and SSO): need the STS to be
able to support the other auth methods that are specified for CardSpace. In
particular, support for where the auth method is a self-issued card. We need
to figure out how a context provider will receive these other kinds of
authentication materials. 
- Daniel: When you set up a managed card you define the auth method. When
you select the managed card the auth material that is passed to the STS is
the personal private id (PPID) and the public key of the client. Perhaps we
get this working by our next milestone 0.7. 
- Jim: I agree that this would be a good goal
 
6. Issue tracking
-----------------
- Paul: Everyone should create their own user page on the wiki (as Jim has
done (see http://wiki.eclipse.org/index.php/User:Jimse.novell.com))
- From now on we should all put the user's name next to the issues as Jim
has done here http://wiki.eclipse.org/index.php/Milestone_0.7
- Each component owner should feel free to create their own fine grained
bugzilla entries and replace the overly coarse ones that I often create.

7. Help needed
--------------
- Mary: Mike McIntosh is working on getting the STS working on the virtual
server (Fedora) on Eclipse. He's having problems installing Java 5. 

Action Items
============
- Jim: volunteered to own fostering the conversation and trying to draw
consensus
- Greg: volunteered cycles to work on the registry itself (the next three
weeks are a good time to get work done (no classes))
- !!!: we need a volunteer to write some pseudo-code for what a context
provider would do in trying to implement these connect/create/open etc. 
- <everyone>: create your own user page on the wiki (as Jim has done (see
http://wiki.eclipse.org/index.php/User:Jimse.novell.com))
- Paul: Consider Uppili's suggested change to architecture; post new
architecture draft

The next call is Jan 4th. 
Happy Holidays,

-Paul and Mary

