guanxisiva the hook

Fri, Jun 25, 2004

Been debating whether to bolt Siva onto the existing origin implementation, which, conveniently, is a java web application.

After managing to load it into IntelliJ IDEA and compile however, it seems very generalised and may prove difficult to extend for our case. However, the hook came when reading the spec - the protocol allows for multiple attribute stores but only one can be active in any one user session and it’s up to the HS to decide which AA to contact for handle generation, that’s if if delegates handle creation to the AA. Whatever AA is decided upon is then used for the duration of the shibb session. We’ve got tons of attribute stores and each one contains different info on a user so we need the ability to aggregate attributes from multiple stores, rather than plump for one store and restrict attribute assertions to that one alone. Also, aggregation will involve conflict resolution, where semantically similar attributes in different stores report different information. One example is the need for Gaelic names. One store may only have English names but the target is demanding that people be called D??mhnall D??mhnallach to get access to So it looks like I’ll wander down the Siva route and start building a HS.

comments powered by Disqus