| Re: [higgins-dev] Two proposed IdAS changes |
|
The interfaces in javadoc can be viewed at
http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/ for the time
being. Specifically: http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/IContext.html#open(java.lang.Object) http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/IAuthNPropertiesMaterials.html http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/impl/AuthNPropertiesMaterials.html http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/impl/AuthNNamePasswordMaterials.html http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/impl/AuthNSelfIssuedMaterials.html Jim Tom Doman wrote: Since I'm one of the ones proposing this, it'd be redundant, if not insincere, to say "sounds good jim, let's go with it!" So, instead I'll say that we're going to go ahead and try this out today amongst ourselves and get practical experience within the LDAP CP and if that goes well, we'll propose this "all CP" effecting change be checked in to IdAS tomorrow. Good? TomJim Sermersheim <jimse@xxxxxxxxxx> 01/09/07 6:42 PM >>>1) We have a need for an IdAS consumer to be able to open a context using some authN materials, and then read the attributes of the DS representing the identity in the authN materials used to open the context. These authN materials don't contain the cuid of the DS. They may or may not contain attributes which could be used to search for the DS but this can't be relied on. Therefore, we propose that IContext.open return a String which is the cuid of the DS representing the identity in the authN materials used to open the context (if any). The string may be null when the identity is not represented by any specific DS in the context. Existing CP's and IdAS consumers would need to be updated for this change. 2) We realized the current AuthNNamePasswordMaterials can be seen as similar to other kinds of AuthNMaterials. One thing many different kinds of AuthNMaterials seem to have in common is that they contain a set of properties that identify the identity. The proposal is to do this: public interface org.eclipse.higgins.idas.IAuthNPropertiesMaterials extends IHasProperties public class org.eclipse.higgins.idas.impl.AuthNPropertiesMaterials extends BasicPropertySet implements IAuthNPropertiesMaterials public class org.eclipse.higgins.idas.impl.AuthNNamePasswordMaterials extends AuthNPropertiesMaterials public class org.eclipse.higgins.idas.impl.AuthNSelfIssuedMaterials extends AuthNPropertiesMaterials Where AuthNNamePasswordMaterials and AuthNSelfIssuedMaterials have get/set methods for name/pw and ppid/publicKey repectively, and where the implementations store these values as properties. This way a Context Provider can implement IContext.open by examining the class of the passed identity. If it's something specific like AuthNNamePasswordMaterials, it might know exactly what can be done with it. Failing that, it may discover that it implements IAuthNPropertiesMaterials and therefore, the property set may be interrogated in order to see if it constitutes a set of attributes which are suitable for describing an identity which can be used to open the context. Existing CP's and IdAS consumers currently implementing or making use of org.eclipse.higgins.idas.AuthNNamePasswordMaterials would need to be updated for this change. Jim _______________________________________________ higgins-dev mailing list higgins-dev@xxxxxxxxxxx https://dev.eclipse.org/mailman/listinfo/higgins-dev _______________________________________________ higgins-dev mailing list higgins-dev@xxxxxxxxxxx https://dev.eclipse.org/mailman/listinfo/higgins-dev |