Once again, we should be using Eclipse, we will not look at a bandit project as it has different licensing, please make all proposals to the Eclipse site
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
Jim Sermersheim <jimse@xxxxxxxxxx>
Jim Sermersheim <jimse@xxxxxxxxxx>
Sent by: higgins-dev-bounces@xxxxxxxxxxx
01/10/2007 12:10 PM
Please respond to
"Higgins \(Trust Framework\) Project developer discussions" <higgins-dev@xxxxxxxxxxx> |
|
|
The interfaces in javadoc can be viewed at http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/ for the time being. Specifically:
http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/IContext.html#open(java.lang.Object)
http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/IAuthNPropertiesMaterials.html
http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/impl/AuthNPropertiesMaterials.html
http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/impl/AuthNNamePasswordMaterials.html
http://forgeftp.novell.com//bandit/HigginsIDASJavadoc/org/eclipse/higgins/idas/impl/AuthNSelfIssuedMaterials.html
Jim
Tom Doman wrote:
Since I'm one of the ones proposing this, it'd be redundant, if not insincere, to say "sounds good jim, let's go with it!" So, instead I'll say that we're going to go ahead and try this out today amongst ourselves and get practical experience within the LDAP CP and if that goes well, we'll propose this "all CP" effecting change be checked in to IdAS tomorrow. Good?
Tom
1) We have a need for an IdAS consumer to be able to open a context
using some authN materials, and then read the attributes of the DS
representing the identity in the authN materials used to open the
context. These authN materials don't contain the cuid of the DS. They
may or may not contain attributes which could be used to search for the
DS but this can't be relied on. Therefore, we propose that
IContext.open return a String which is the cuid of the DS representing
the identity in the authN materials used to open the context (if any).
The string may be null when the identity is not represented by any
specific DS in the context.
Existing CP's and IdAS consumers would need to be updated for this change.
2) We realized the current AuthNNamePasswordMaterials can be seen as
similar to other kinds of AuthNMaterials. One thing many different
kinds of AuthNMaterials seem to have in common is that they contain a
set of properties that identify the identity. The proposal is to do this:
public interface org.eclipse.higgins.idas.IAuthNPropertiesMaterials
extends IHasProperties
public class org.eclipse.higgins.idas.impl.AuthNPropertiesMaterials
extends BasicPropertySet implements IAuthNPropertiesMaterials
public class org.eclipse.higgins.idas.impl.AuthNNamePasswordMaterials
extends AuthNPropertiesMaterials
public class org.eclipse.higgins.idas.impl.AuthNSelfIssuedMaterials
extends AuthNPropertiesMaterials
Where AuthNNamePasswordMaterials and AuthNSelfIssuedMaterials have
get/set methods for name/pw and ppid/publicKey repectively, and where
the implementations store these values as properties.
This way a Context Provider can implement IContext.open by examining the
class of the passed identity. If it's something specific like
AuthNNamePasswordMaterials, it might know exactly what can be done with
it. Failing that, it may discover that it implements
IAuthNPropertiesMaterials and therefore, the property set may be
interrogated in order to see if it constitutes a set of attributes which
are suitable for describing an identity which can be used to open the
context.
Existing CP's and IdAS consumers currently implementing or making use of
org.eclipse.higgins.idas.AuthNNamePasswordMaterials would need to be
updated for this change.
Jim
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
|