From: Domenico Rotondi
[mailto:Domenico.Rotondi@xxxxxxxxxxxx]
Sent: Wednesday, June 03, 2009 1:05 PM
To: Mary Ruddy
Cc: Markus Sabadello; Paul Trevithick; leonardo Straniero
Subject: TXT documentation on Higgins extensions
Hi Mary and all,
as promised, and in view of the tomorrow phone
conf, I'm sending some additional details and docs on our work devoted to
"extend" Higgins (Version 1.1M4) so that it can be used also for
non-web applications.
Our objective was to make possible the use of
the Higgins framework also for client-server applications that don't use a
browser on the client side and HTTP/HTML; additionally, we had also the
objective of supporting C++ applications.
The approach we have used is based on
"wrapping" some of the Higgins libraries/classes so that they can be
used in the context depicted above; additionally we implemented some additional
classes to complete the functionalities a server or a client normally requires
(e.g. session pool management).
We don't make any assumption on the way a
client communicates with the server, so our wrapping and extensions just need
some parameters in input and provide some output to be sent to the other party.
Therefore, the typical scenario is a server that, after receiving a new
connection from a client, calls our code to get the authentication policy and
X509 server certificate to be provided to the client and, after the client
completes its transaction with the IdP and provides the security token to the
server, to check that the provided security token is acceptable. On the client
side our code provides complementary functionalties to process what received
from the server, interact with the IdP and return to the server the security
token.
We actually have developed 3 different
libraries:
·
Java
Server Authentication Library (JSAL): this is the library a server has to use
to manage the authentication process with a client
·
Java
Client Authentication Library (JCAL): this library has to be used by a
"non-interactive" client (i.e. a client that cannot interact with the
end-user to select an iCard). Using this library even "batch" clients
can use iCards (which are stored in ad hoc files) and mimic the behaviour of
"normal" clients
·
Java
Client User Interface Authentication Library (JCUAL): this library has to be
used by interactive clients. It makes possible for a client to use the services
of an iCard Selector (e.g. Microsoft CardSpace) interacting with the
iCard Selector via the Higgins Selector Switch (HSS).
Enclosed please find a short Word doc with
details on the wrapped Higgins classes and the classes/methods each of the
above libraries provide; additionally we provide the JavDoc PDF files also.
As stated above, we have also developed a C++
version of all three libraries.
The C++ version is normally obtained using the
Java code via JNI.
Therefore the functionalities are exactly the
same, with the same in/out parameters (apart for possible differences due to
C++ constraints). We have not included C++ docs, anyway.
Of course a Java based client can interact
with both a C++ and Java based server, and viceversa.
TXT think our code can be useful to other
people that want to use Higgins even for non web-apps. Therefore we are
available to provide our code to the open source community with the same
licensing conditions as stated in the Higgins libraries.
Hoping this message and the enclosed
additional doc is sufficiently clear for your evaluation. Please excuse English
mistakes!
I look forward to receive feedbacks from you
and to hear you tomorrow in the phone conf.
Ciao
Domenico
======================================================
Dr.
Domenico Rotondi
TXT e-Solutions SpA
c/o Tecnopolis N.O.
Strada Prov. per Casamassima Km 3
70010 Valenzano (BA) - Italy
Tel.:
+39-02 25771 782, +39-080-4670 585
+39-348-655 00 87
Fax:
+39-080-4676 154
E-mail:
Domenico.Rotondi@xxxxxxxxxxxx
No virus
found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.339 / Virus Database: 270.12.34/2122 - Release Date: 06/04/09
05:53:00