[security-dev] IDM: Support for XML configuration

Marek Posolda mposolda at redhat.com
Mon Jan 28 05:58:44 EST 2013

I made some progress with this and sent another pull request 
https://github.com/picketlink/picketlink/pull/40 where I described my 
current progress.


On 18/01/13 18:02, Marek Posolda wrote:
> Hi,
> I've started the work on XML based IDM configuration and sent first PR
> related to this https://github.com/picketlink/picketlink/pull/38
> What I did so far is:
> 1) Created Java classes for types which are used to XML-Java mapping.
> For now, I added those classes into "picketlink/federation" module into
> package "org.picketlink.identity.federation.core.config.idm" .
> Only reason to have them in federation is, that they need to be visible
> from class PicketlinkType, which is part of Federation module. (It was
> agreed that we will use big picketlink.xml, which will contain
> configuration of all picketlink components together). Seems that we need
> to extract some stuff related to XML parsing from federation module into
> config module, as currently "config" module is dependent on "federation" .
> 2) I've made STAX based XML parsing in config module. See
> IDMConfigParser and unit test IDMConfigParserTestCase
> 3) I've added some temporary reflection based hack to
> PicketlinkConfigParser, so it can instantiate IDMConfigParser from
> "config" module and use it. This needs to be done more properly once/if
> we extract XML parsing stuff from "federation" module to "config" module
> (mentioned in point 1)
> 4) I've added class XMLBasedIdentityManagerProvider to IDM. It will be
> used to build IDM IdentityManager from parsed XML configuration. Not
> much work done here atm. I am planning to  use reflection based classes
> from IDM module to help with this.
> Let me know if there are some questions/concerns around this.
> Thanks,
> Marek
> On 17/01/13 14:48, Anil Saldhana wrote:
>> Marek,
>>      wait for me to create the xml config module.  Migration of classes
>> need to maintain history.
>> Regards,
>> Anil
>> On 01/17/2013 07:43 AM, Marek Posolda wrote:
>>> On 17/01/13 01:27, Shane Bryzak wrote:
>>>> I would suggest we develop an XML based configuration in its own
>>>> submodule, we can probably call it picketlink/xml-config and it can
>>>> simply implement the configuration interfaces we have defined in the idm
>>>> submodule and other submodules.
>>> I am trying to extract some stuff related to parsing from
>>> picketlink/federation to new picketlink/xml-config module. However there
>>> are some related problems as some classes referenced from those needs to
>>> import other classes etc.
>>> So I am thinking also about creating some common module (like
>>> picketlink/common) which will contains some common util classes needed
>>> by all other picketlink projects. Typical example of such class could be
>>> org.picketlink.identity.federation.core.util.StringUtil , which contains
>>> some very common utils for working with strings . What do you think?
>>> Marek
>>>> Marek if you want commit access to work
>>>> on this please let me know and I'll get you set up, and I'm also more
>>>> than happy to provide input on the requirements.
>>>> On 17/01/13 10:16, Anil Saldhana wrote:
>>>>> Marek,
>>>>>         we need an xml configuration for IDM. We have not started with it.
>>>>> We will be using Stax parsing (and not JAXB).  The xml configuration
>>>>> will be used by users if they incorporate idm (and nothing else from the
>>>>> PL stack).
>>>>> For the project PicketLink, we need one xml configuration file (if an
>>>>> user wants) - authentication,authorization,federation,social, idm etc
>>>>> can be configured in one file. For this, we will be extending the
>>>>> federation 2.1 stax parsing to encompass the other components. We have
>>>>> picketlink.xml as the config file in 2.x
>>>>> Integrating projects such as RESTEasy, JBoss AS, GateIn etc will have
>>>>> their own configuration that deals with the IDM configuration API directly.
>>>>> Regards,
>>>>> Anil
>>>>> On 01/16/2013 05:03 PM, Marek Posolda wrote:
>>>>>> Hi,
>>>>>> I am seeing in IDM testsuites that currently there is support only for
>>>>>> programmatic IDM configuration. Is there some plan to build IDM
>>>>>> IdentityManager also from XML configuration? Maybe I can start on it
>>>>>> if nobody else is working on it?
>>>>>> I am adding some example configuration file into attachment with some
>>>>>> proposal how it could possibly looks like. Note that nothing is final
>>>>>> and some things are still missing (especially configuration of realms,
>>>>>> tiers etc.)
>>>>>> What do you think?
>>>>>> Thanks,
>>>>>> Marek
>> _______________________________________________
>> security-dev mailing list
>> security-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/security-dev
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev

More information about the security-dev mailing list