|Re: [higgins-dev] STS profile problems|
We need to be able to use any implementation of IdAS context to manage STS
user profile. We are going to implement a new user profile plugin (like
org.eclipse.higgins.sts.server.profile) which will use any implementation of
IdAS context and perform all operations (including profile creation) using
IdAS methods (now LDAP is directly used to create/modify a profile).
However, we have the following problems with DigitalIdentityHandler:
1. DigitalIdentityHandler is implemented to use the peculiarity of JNDI CP -
each context contains single digital subject and subject ID is returned by
IContext.open() method. I think we should not use this peculiarity anywhere.
Moreower, I think IContext.open() should return nothing (void). Perhaps, in
case of JNDI CP it will be more convinient to alwauys return its single
subject for any value of passed subjectID. In other words, JNDI
IContext.getSubject(String subjectID) should always return the same subject
for any passed subjectID, even for null.
2. To find appropriate DigitalSubject, we need its subjectID. So, CardID
should contain both contextRef and subjectID (subjectID will be missed for
3. In case of SelfSigned cards, cardID should also contain contextRef +
subjectID (now it contains IssuerID of selfIssued cards).
4. Perhaps, STS should not use DefaultContextRef. It should be a problem of
IdASRegistry to initialize any ContextFactory and find required context.
higgins-dev mailing list
Back to the top