We've mentioned the notion of two providers being used to
access the same Context a number of times. It makes me ask myself what
constitutes sameness among contexts.
Referring to the context examples at the bottom of this
mail, I don't know which are the same context, and which are different:
ex1 and ex2 both use LDAP, both start at the same place in
the LDAP server's tree, both use the same AuthN materials. Difference is
vendor. Let's say the IBM provider maps attributes quite differently than the
Novell provider, and the Novell provider follows referrals whereas the IBM
provider cannot, thus it's view of the tree is chopped. These may look quite
different from the IdAS consumer's POV.
ex2 and ex3 differ only in protocol. Let's say both present
the data model exactly the same and have the same capabilities.
ex4 uses different AuthN materials, with the
implication being that a different set of data will be exposed (anon cannot see
privileged data).
ex5 points to a different host. It's assumed that this host
is a replica of eDirLDAPServer.com. The only problem is that replication
between these two hosts is loosely consistent. There's no guaranty that the
data is ever exactly the same among replicas.
Maybe we're saying a context is defined by its Context
Reference (URI). So, whatever the URI contains or points at must be what
constitutes a context. If that's the case, we're back to the "what's
in the URI?" question
Provider Implementor = IBM
Factory = IBM LDAP factory
Base = ou=employees.dc=ibm,dc=com
AuthN = superuser and credentials
Provider Implementor = Novell
Factory = Novell LDAP factory
Base = ou=employees.dc=ibm,dc=com
AuthN = superuser and credentials
Provider Implementor = Novell
Factory = Novell NDAP factory (NOTE: different
protocol, same backing data)
Base = ou=employees.dc=ibm,dc=com
AuthN = superuser and credentials
Provider Implementor = Novell
Factory = Novell LDAP factory
Base = ou=employees.dc=ibm,dc=com
Provider Implementor = Novell
Factory = Novell LDAP factory
Base = ou=employees.dc=ibm,dc=com
AuthN = superuser and credentials