Re: [higgins-dev] STS profile problems
So the STS should not be dependant on IdAS, thus we should not have IdAS Registry be the only way configure the Context
Anthony Nadalin | Work 512.838.0085 | Cell 512.289.4122
"Sergey Lyakhov" ---07/25/2007 03:07:20 PM---Hello,
"Sergey Lyakhov" <slyakhov@xxxxxxxxxxxxxx>
"'Igor Tsinman'" <itsinman@xxxxxxxxxxxxx>, Vadym Synakh <synakh@xxxxxxxxxxxxxx>, Paul Trevithick <paul@xxxxxxxxxxxxx>
07/25/2007 03:07 PM
[higgins-dev] STS profile problems
We need to be able to use any implementation of IdAS context to manage STS
user profile. We are going to implement a new user profile plugin (like
org.eclipse.higgins.sts.server.profile) which will use any implementation of
IdAS context and perform all operations (including profile creation) using
IdAS methods (now LDAP is directly used to create/modify a profile).
However, we have the following problems with DigitalIdentityHandler:
1. DigitalIdentityHandler is implemented to use the peculiarity of JNDI CP -
each context contains single digital subject and subject ID is returned by
IContext.open() method. I think we should not use this peculiarity anywhere.
Moreower, I think IContext.open() should return nothing (void). Perhaps, in
case of JNDI CP it will be more convinient to alwauys return its single
subject for any value of passed subjectID. In other words, JNDI
IContext.getSubject(String subjectID) should always return the same subject
for any passed subjectID, even for null.
2. To find appropriate DigitalSubject, we need its subjectID. So, CardID
should contain both contextRef and subjectID (subjectID will be missed for
3. In case of SelfSigned cards, cardID should also contain contextRef +
subjectID (now it contains IssuerID of selfIssued cards).
4. Perhaps, STS should not use DefaultContextRef. It should be a problem of
IdASRegistry to initialize any ContextFactory and find required context.
higgins-dev mailing list