[higgins-dev] Notes from February 12th Higgins Developers Call

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[higgins-dev] Notes from February 12th Higgins Developers Call

From: "Mary Ruddy" <mary@xxxxxxxxxxxxxxxxx>
Date: Wed, 18 Feb 2009 23:06:31 -0500
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>
Thread-index: AcmSR27aXF+L32F9TcmYKdHjTU/tfQ==

Higgins dev call on February 12, 2009

Attendees

* Brian Carroll - Serena

* Andy Hodgkinson - Novell

* Mary Ruddy - Meristic

* Paul Trevithick - Parity

* Brian Walker – Parity

* Markus Sabedello – Parity

* Jim Sermersheim - Novell

* John Bradley

* Gene Gotimer – Privo

* Mike Jones - Microsoft

time: noon EST
Dial-in: 1-866-362-7064 / 892048#

Agenda
1. [Brian] 1.1M6 - targeted for February 27

See http://wiki.eclipse.org/Higgins_1.1M6 for current list
1.1 Milestone planning http://wiki.eclipse.org/Higgins_1.1_Plan
[BrianW] No new news. Still need contingencies on this. Don’t have confirmation that some of the items will be ready by then. We have 6 items targeted. Some of them are very close. Need to get validation that they will be done in this time frame. Stay tuned. We will continue to iterate on the items.

2. [Brian, Alexander, Andy] Selector Architecture Harmonization

Phase I update
CardSync [1] protocol work is progressing
[BrianW] No major updates to wiki over last week.
[Andy] I’ve been looking at the card store interface on the selector. In order to support the protocol and caching work we want to do, I found that I needed to add a couple of things to the current interface – a cipher and a credential. If you are accessing something in the cloud you have to authenticate. As part of that investigation I looked at Amazon’s S3. The credential passed down is something generic. In addition to the file system store that we have now, could have a provider that goes to S3 or another cloud service. All of that code is checked in
[BrianW] Great.
[Paul] You said before that you broke the code into several projects?
[Andy] Yes…
[Paul] At some point we need to update the solution and components pages.
[Andy] Yes, I agree. Have that on my to-do list.
[Paul] Don’t delay.
[Paul] You already have designed the cardstore, to be multi-process, multi-threaded?
[Andy] We have an ISAM data base engine. It is set up to run as a service or embedded in a process. And it can support multi-process or multi-threaded access to a database. When Alexander is ready, we will look at what it will take to synchronize to the local cache…. not as fast to go directly to the cloud as to the cache, but we could bypass the cache if we wanted to. Will have local listener that will take initially REST, and ultimately XML.
[Paul] API different on cardstore and wire?
[Andy] Is easy to plug in a different provider with a totally different protocol…So then can speak the protocol that Alexander is designing.

3. [Gene] Feedback on Higgins documentation

Feedback from Privo's attempt to use Higgins.
[Gene] Documentation isn’t there. What I was looking for pointed to Bandit and Higgins code… piece for us to act as an identity provider and a trusted party. What I was looking to do was to integrate it as a set of code to call. I already had the database, but I couldn’t figure out how. I was looking for one jar to use. I was using Spring…. Without doc and since Higgins has lots of libraries, it was hard to figure out where to look.
[Paul] We package the code into different solutions. One is the RP site enablement. Did you look at that?
[Paul}] The WS-Trust IdP has an example of it running.
[Gene} I saw those and the token service build instructions. But it was too confusing. A lot of the libraries seemed to need to run as a service beside my code. I was looking for something to plug in and have my service answer the calls.
[Paul]….
[Gene] Right.
[Paul] It does have an STS – designed as a standalone service that is. customizable. It has a UI where you create an account and generate an account. It has configuration files to control how it would look.
[Gene] I ran into this as well. It was its own UI. Even just tying into our data source, I couldn’t figure out how to do it…
[Paul] Definitely not packaged for that.
[Jim] The Bandit IdP’s are skinable and modifiable. And replaceable.
[Gene] They were skinable, but I already had a website. I wanted to plug info- cards in. Even having a separate UI that was skinned was not desirable. Tying into data source wasn’t straight forward. Wanted it as service that didn’t have a UI or code to run. I wanted to tell it how to grab data from my data source. That would have been my preferred solution.
[Jim] Does your data source contain info-cards?
[Gene] Database through Hibernate JDBC. If I could have gotten to the hook in Java .. I could have done it.
[Jim] That is IdAS. We don’t have a JDBC context provider. But there is an IdAS set of interfaces and a factory to build out classes… Basically what we would need to do is figure out the fastest way to build a JDBC context provider in front of that on the UI side.
[Jim] Need to make it so that it is deployable.
[Gene] I’m looking though the IdAS context providers on the component list. I see where there is a link to the interface. What I don’t see is exactly what I’m trying to implement. Is it the entity container? This is where I got lost. It isn’t clear that this is where you tie in.
[Jim] We need to document coming in through multiple angles.
[Gene] Was thinking of a JDBC or Hibernate one. Got hung up on just what needed… common registry and UDI… It wasn’t clear where to start and what pieces I need. Need a context provider implementer’s guide.
[??] This sound’s like something we talked about doing.
[Mary] I remember talking with Jim about this a long time ago. I don’t think we did it.
[Jim] I don’t see anything either. That is something definitely missing.
[Gene] I just came across the IdAS use cases page. But there is no meat behind that.
[Gene] That would have been the piece I needed.
[Jim] I’m making a note of that and will talk to Dale about it. What is your interest level? We could spend a few hours and talk through it. I would have to find out what resources would have to be involved. JBDC and Hibernate would be valuable.
[Gene] From my point of view a non generic JDBC one would have a lot of value.
[Gene] JDBC is one I already know.
[Jim] Andy Dale at ooTao did exactly that. They wrote a specific JDBC context provider. I don’t know what its license is.
[Mike] If it is part of linesave it is. That is open.
[John] It isn’t.
[BrianW] On the Parity side, we did a Hibernate one, but can’t check it into Eclipse.
…Discussion of how it would help if Gene could look at this code….
[Jim] I will bring this up with Andy Dale to see what we can do to get a resource to work with you on that.
[Gene] Ok.
[Mike] I will start looking into where is the source code.
[John] Question is where it would go. Can’t go into Higgins because it is Hibernate.
[Mary] So we now have two Hibernate CP’s that we can’t put into Higgins.
[Paul] The issue is that we can’t redistribute Hibernate. Can’t include a jar that relies on an external dependency. That would prohibit the nightly build from running
[Mary] Hibernate is LGPL so we can’t put it into Higgins itself, I can try to push back on getting an exception for putting the CP(s) in.
[John] I will talk to Andy about this.
[Paul] We could have links to SourceForge.
[Mary] Yes.
[John] Our CP [The Andy Dale Hibernate CP] was also specific for a demo, not useful to all things for all. But it is useful as a reference.
[Gene] JDBC is something that I’m familiar with, so it is a good anchor.
[John] Send me an email with contact info and I can put you in contact with Andy.
[Paul] It is also true listening to Gene, he might prefer to have him implement that interface in his own code.
[Paul] One thing, that would take only 5 minutes, is to add on the wiki page a one line link.
[Jim] This is really good feed back.
[Paul] If you look at the new format components pages, there is a chance for every package to be a wiki page. They can be [just] a paragraph or two. Something is better than nothing.
[Jim] My last day at Novell is tomorrow. Any future Higgins work I do is charity. I do think doing work to this end is worthy. So I will try to get some stuff out there. I don’t know how long lasting my effort will be.
[Paul] Maybe we should move on to the next topic.
[Mike] Mike and Gene thank you and sign out.

4. [Paul] Component renaming

Results of the new poll for new name for Web Proxy is here [2].
New winner is I-Card Proxy. Thoughts?
New name

Results of the new poll for new name for Web Proxy is here [2]
New winner (10 votes) is Identity Proxy or Web Selector (TIE)

Security concerns

Accessing from iPhone —is there a way to tie access to the phone?
Accessing from web browser — should we add another factor? Or perhaps have the I-Card Service support multiple accounts with different levels of access (e.g. Only allow access to some cards but not all).

Android and other platforms: do they allow browser add-ons?
[Paul] Doesn’t anyone have new…
[Markus] I’m here.
[Paul] From the point of view of an iPhone – no way to tie it to a particular phone?
[Paul] Any iPhone? Have you thought through from a security perspective on the phone? If you know the username and password you can get to the cards.
[John] Or if you redirect the person to a phishing site…
[Paul] Even when we had a web-based card selector we didn’t allow you to log into it for that reason.
[Markus] ..Yah.
[Paul] When we support the serialized selector, would the iPhone be possible…
[Paul] So there is nothing different about the iPhone. It is just a web browser.
[John] So far Apple doesn’t provide access to any of the underlying crypto.
[Paul] That is the root of my underlying question. It doesn’t allow plugins. Symbian does.
[John] Android allows.
[Mary] RIM allows.
[John] I think plugs-ins are java on Symbian.

5. [Mary] Higgins white paper

Next steps for completing the draft, and volunteering for sections.
[Mary] Hank is traveling this week. He asked me to see if we had any more volunteers for writing sections.
[Paul] To be honest, I looked at it and realized that wow, this is a lot of work It is a good idea to break it up. I will look again and volunteer.
[Mary] Thanks.
[Mary] Anything else?
[Paul] One thing we could do. Markus wrote the code, and we had a tie. [So he should get to break the tie.]
[Markus] Web selector.
[No objections]
[Paul] We’ll go ahead and change the wiki and rename again.
[Paul] Thanks again. Will do it again next week.

[1] http://wiki.eclipse.org/Selector_Architecture_Harmonization#Card_Sync_Protocol
[2] http://selectricity.org/quickvote/webproxy2/results

Prev by Date: [higgins-dev] Agenda for Higgins Developers call on Thursday, February 19
Next by Date: [higgins-dev] Higgins selector for Blackberry Storm?
Previous by thread: [higgins-dev] Agenda for Higgins Developers call on Thursday, February 19
Next by thread: [higgins-dev] Higgins selector for Blackberry Storm?
Index(es):
- Date
- Thread

Breadcrumbs