[security-dev] IDM: Support for XML configuration
Pedro Igor Silva
psilva at redhat.com
Thu Jan 17 07:49:47 EST 2013
I remember some discussion about reviewing the PicketLink Federation parsing API. Is this still required ?
----- Original Message -----
From: "Marek Posolda" <mposolda at redhat.com>
To: "Anil Saldhana" <Anil.Saldhana at redhat.com>
Cc: security-dev at lists.jboss.org
Sent: Thursday, January 17, 2013 8:59:06 AM
Subject: Re: [security-dev] IDM: Support for XML configuration
On 17/01/13 01:16, Anil Saldhana wrote:
> Marek,
> we need an xml configuration for IDM. We have not started with it.
> We will be using Stax parsing (and not JAXB). The xml configuration
> will be used by users if they incorporate idm (and nothing else from the
> PL stack).
Sure, I also though about possibility to have unified configuration file
for whole picketlink. And obviously using Stax for parsing.
In attachment is possible configuration example. I've added new element
PicketlinkIDM with IDM configuration used in existing Picketlink
configuration file with some federation configuration (like SAML
Handlers and SAML SP configuration).
So it seems that in this case we will need to extract all Parser classes
and all BlaBlaType classes (like
"org.picketlink.identity.federation.core.config.PicketlinkType" and
basically all other classes from package
"org.picketlink.identity.federation.core.config") into this
picketlink/xml-config module and other modules like
picketlink/federation and picketlink/idm/impl will be dependent on this
module. Am I correct?
In this case class PicketlinkType will need another field "idmType" to
existing, so it could be like:
public class PicketLinkType {
private ProviderType idpOrSP;
private Handlers handlers;
private STSType stsType;
private boolean enableAudit;
private IDMType idmType;
....
}
For the format of IDM configuration itself (content of PicketlinkIDM
element), it's still not final. It seems that I will need to add more
things (especially realms and tiers is what I am missing now). Let me
know if you have more ideas or if you think that format should be different.
Thanks for the feedback!
Marek
>
> For the project PicketLink, we need one xml configuration file (if an
> user wants) - authentication,authorization,federation,social, idm etc
> can be configured in one file. For this, we will be extending the
> federation 2.1 stax parsing to encompass the other components. We have
> picketlink.xml as the config file in 2.x
>
> Integrating projects such as RESTEasy, JBoss AS, GateIn etc will have
> their own configuration that deals with the IDM configuration API directly.
>
> Regards,
> Anil
>
> On 01/16/2013 05:03 PM, Marek Posolda wrote:
>> Hi,
>>
>> I am seeing in IDM testsuites that currently there is support only for
>> programmatic IDM configuration. Is there some plan to build IDM
>> IdentityManager also from XML configuration? Maybe I can start on it
>> if nobody else is working on it?
>>
>> I am adding some example configuration file into attachment with some
>> proposal how it could possibly looks like. Note that nothing is final
>> and some things are still missing (especially configuration of realms,
>> tiers etc.)
>>
>> What do you think?
>>
>> Thanks,
>> Marek
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
_______________________________________________
security-dev mailing list
security-dev at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev
More information about the security-dev
mailing list