Re: [higgins-dev] STS profile problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [higgins-dev] STS profile problems

From: Anthony Nadalin <drsecure@xxxxxxxxxx>
Date: Wed, 25 Jul 2007 15:17:07 -0500
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>

So the STS should not be dependant on IdAS, thus we should not have IdAS Registry be the only way configure the Context

Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122

"Sergey Lyakhov" ---07/25/2007 03:07:20 PM---Hello,

From:	"Sergey Lyakhov" <slyakhov@xxxxxxxxxxxxxx>
To:	<higgins-dev@xxxxxxxxxxx>
Cc:	"'Igor Tsinman'" <itsinman@xxxxxxxxxxxxx>, Vadym Synakh <synakh@xxxxxxxxxxxxxx>, Paul Trevithick <paul@xxxxxxxxxxxxx>
Date:	07/25/2007 03:07 PM
Subject:	[higgins-dev] STS profile problems

Hello, We need to be able to use any implementation of IdAS context to manage STS user profile. We are going to implement a new user profile plugin (like org.eclipse.higgins.sts.server.profile) which will use any implementation of IdAS context and perform all operations (including profile creation) using IdAS methods (now LDAP is directly used to create/modify a profile). However, we have the following problems with DigitalIdentityHandler: 1. DigitalIdentityHandler is implemented to use the peculiarity of JNDI CP - each context contains single digital subject and subject ID is returned by IContext.open() method. I think we should not use this peculiarity anywhere. Moreower, I think IContext.open() should return nothing (void). Perhaps, in case of JNDI CP it will be more convinient to alwauys return its single subject for any value of passed subjectID. In other words, JNDI IContext.getSubject(String subjectID) should always return the same subject for any passed subjectID, even for null. 2. To find appropriate DigitalSubject, we need its subjectID. So, CardID should contain both contextRef and subjectID (subjectID will be missed for JNDI provider). 3. In case of SelfSigned cards, cardID should also contain contextRef + subjectID (now it contains IssuerID of selfIssued cards). 4. Perhaps, STS should not use DefaultContextRef. It should be a problem of IdASRegistry to initialize any ContextFactory and find required context. Thanks, Sergey Lyakhov _______________________________________________ higgins-dev mailing list higgins-dev@xxxxxxxxxxxhttps://dev.eclipse.org/mailman/listinfo/higgins-dev

Follow-Ups:
- Re: [higgins-dev] STS profile problems
  - From: Sergey Lyakhov

References:
- [higgins-dev] STS profile problems
  - From: Sergey Lyakhov

Prev by Date: [higgins-dev] STS profile problems
Next by Date: Re: [higgins-dev] STS profile problems
Previous by thread: [higgins-dev] STS profile problems
Next by thread: Re: [higgins-dev] STS profile problems
Index(es):
- Date
- Thread

Breadcrumbs