Re: [higgins-dev] [IdAS] use cases

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [higgins-dev] [IdAS] use cases

From: Greg Byrd <gbyrd@xxxxxxxx>
Date: Thu, 20 Jul 2006 15:48:03 -0400
Delivered-to: higgins-dev@xxxxxxxxxxx
List-archive: <http://eclipse.org/pipermail/higgins-dev>
List-help: <mailto:higgins-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/higgins-dev>, <mailto:higgins-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)

Caveat: I'm still rather new to this, also, so take the followingexplanations with

a grain of salt, and correct me as needed.

Tom Doman wrote:

1. I guess I had thought of Context Providers as being providers of a
specific kind of context.  For example, an LDAP Context Provider that
provides Contexts to LDAP endpoints or a Join Context Provider that
provides Contexts to other Context Providers which, say, join data from
LDAP, SQL, and Liberty endpoints.  How far off the mark am I here?  Some
of what was discussed on the call as well as these use cases seem to
indicate that any given Context Provider can provide a Context to the
same URI.  And perhaps the Context Providers then are just different
vendor implementations of how to get a Context for a given URI.  I'm
sure much of my thinking is guided by what we've implemented in Bandit
and I'll send the promised examples under separate cover.  I went
through the Java Docs yesterday but I'm still unclear on exactly what
Context Provider and Context are.  In addition, as per #2 below, how
they can be used to encapsulate or join a variety of disparate data
sources and data formats.

"Does a Context Provider specify a type or a vendor?" I think the answeris, "Both."

A Context is a technology-neutral concept. It contains a set of digitalsubjects, and thethings that it can represent are described by its schema. But at theContext level,nobody cares whether the underlying bits are in an LDAP directory, or atext file,or an SQL database. It's the ContextProvider's responsibility totranslate the bitsin the repository to the form that can be used as a Context.

So, the Context Provider certainly needs to know what the storage technology

is and how to use it. It could also source data from many differentformats, presenting

the results as a unified Context with a specific schema.

But the Context Provider also represents a specific vendor's (or author's)

code to implement that transformation. So it's possible to have aNovell-LDAPprovider and an IBM-LDAP provider.I think I muddied the waters with my explanation of the Provider classas usedin the Java Crypography Architecture. In that case, a Providerrepresents a particularimplementation of some set of JCA services, which might be digitalsignature,encryption, message digest, etc. A Provider can implement any or all oftheseservices. So I was thinking that the "IBM" Provider, for example, wouldincludemany different types of Context Providers that we've been talking about,each withdifferent underlying technologies -- LDAP, RDF, SQL, or some customcombinationof these.Now, if I follow Tony's logic correctly, I think we're back to equatingProvider(in the Java sense) with Context Provider (in the Higgins sense). Inother words,each Provider has a specific way that it provides access to Contextdata. And ifthere is a need for different kinds of tranformations, because ofdifferent underlyingtechnologies, then a vendor may have several different Providers, eachservinga particular need. An attribute could be associated with the Providerthat tells

which underlying technology (or technologies) it supports.

2. Use case number 4 makes me wonder what it means to "import a
Context" but I assume that'll become clearer in Greg's description.  It
does, however, raise an additional use case I'd like to see added and
detailed.  That is, the case where the user wants a Context which
gathers identity data for a variety of data sources, each of which may
have data represented in a distinct specific format (e.g. LDAP, SQL, XML
File, etc.).

What I mean by "import" is the following. Suppose that my company has apre-existingLDAP directory with information about all my employees. I want to makethat informationavailable to the Higgins framework. I don't want to implement my ownLDAP-based ContextProvider. Instead, I look at the Providers available on my system,check whether any of themsupports an LDAP backend, and then I do whatever configuration isnecessary to make my

data available as a Context (or a set of Contexts) via that Provider.

3. A clarification on what end points are would also be helpful.

My understanding of IdASEndpoint is that it's the "place" where a usergoes to initiateinteraction with one or more Context Providers. It's the top-levelinterface to the IdAS.Jim has pointed out that "endpoint" might not be the best name for this,and I don'tdisagree.

Follow-Ups:
- [higgins-dev] Contexts from Multiple Identity Sources (was [IdAS] use cases)
  - From: Tom Doman
- [higgins-dev] Vendor Specific Context Providers
  - From: Tom Doman

References:
- [higgins-dev] [IdAS] use cases
  - From: Greg Byrd
- Re: [higgins-dev] [IdAS] use cases
  - From: Tom Doman

Prev by Date: Re: [higgins-dev] [IdAS] use cases
Next by Date: [higgins-dev] Bandit Realm Definition Samples
Previous by thread: Re: [higgins-dev] [IdAS] use cases
Next by thread: [higgins-dev] Vendor Specific Context Providers
Index(es):
- Date
- Thread

Breadcrumbs