[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
| Re: [higgins-dev] [IdAS] Context open/close semantics | 
Based on recent email and phone discussions, here's take two.  I believe 
the only unresolved issue is the need for retrieving the identity from 
an open Context.
--------------------------
(1) An open Context represents a binding between a client (specified by 
the identity in the open() call) and the data published by the Context.  
A successful open operation implies that the identity is authenticated 
and that the client will be allowed to access Context data, subject to 
the Context's access control policy.  (OPEN ISSUE: There is no API for 
determining the identity of the client that opened a Context.)
(2) The following Context methods require a Context to be open: 
getSubject, getSubjects, createSubject, removeSubject, 
verifySubjectAttributes, updateSubject, exportData, importData.  Calls 
to these methods on a non-open Context will result in a 
ContextNotOpenException. 
(3) The close operation returns the Context instance to an unopened 
state, as if the Context were newly-created.
(4) Performing an open on an open Context results in a 
ContextOpenException.    (NOTE: This is true even if the Context is 
re-opened with the same identity.  There is no requirement to save the 
passed-in identity as is, so the Context may not be able to determine 
whether the new identity and the bound identity is equivalent.)