Hi all, last week Mary Ruddy distributed to the list some information on some integrations we made to make possible the use of the Higgins Framework for non web applications.
In particular to make possible the use of Higgins between a Java/C++ server application (acting as RP) and non-interactive Java/C++ clients (i.e. applications that do not interact with end users to select cards, etc.). For us an application that needs to authenticate to an RP providing an authentication token obtained from an STS is a "client application". The approach we are using is to wrap some of the Higgins libraries/classes and write down some additional code so that the Higgins software can be used in the context depicted above. In this way we don't modify the Higgins even if we, in some way, enlarge its usability in other contexts. On the non-interactive client side, we use an iCard associated to the account under which the client application runs. The iCard is, currently, locally stored as a CRD file on a client app config directory; additionally we use a configuration file to specify the location of the iCard CRD file and, in case the iCard makes use of Username/PWD credentials, the IdP login password. To perform the operation to select the ICard we use a configuration file where you can specify the location of ICard with which to interact with the IDP and password when authentication with IdP is made through IUsernamePasswordCredential. To import the ICard specified into the our configuration file we use the class org.eclipse.higgins.icard.provider.securestorage.SecureStorageICardProvider belonging to the I-Card Registry component. The method provided by this class is public ICard importCard(CallbackHandler, String) Because it is a public but not static method we must instantiate the SecureStorageICardProvider class with the relative constructor. This was our solution using Higgins 1.1M4. When moving to V1.1M6 we are having problem in using the org.eclipse.higgins.icard.provider.securestorage.SecureStorageICardProvider class, indeed on line 99 there is the following code: protected IConfiguration config = initConfig(this); This method makes a chain of other method's calls as follows: SecureStorageICardProvider.initConfig(ICardProvider) ICardRegistry.getInstance() ICardRegistry() Constructor ICardRegistry.initialize() HCExtensionHelper.getHCExtension() HCExtensionHelper.getConfig() The getConfig() method finally checks the following environment variable: org.eclipse.higgins.registry.conf.file If this variable is not set, the code sets its value to the default %configuration-home/Configuration/ProvidersConfiguration.xml file. Two questions: . what kind of info do this file provides? . why there is no sample file in teh 1.1M6 SVN? Looking at the ENV variable and the location of this class (within the icard.registry package) I suppose this file will be used to configure the I-Card Registry component. We currently don't use this component (it's not clear to us, in teh context we depicted above, if we can store the iCard in an iCard provider, how to do this and how to get back the iCard when we have to perform the transaction with the STS). Currently, therfore, we ignore this configuration step (we use this component only to import the MyCard.crd file into an org.eclipse.higgins.icard.ICard object). With the 1.1M4 version I haven't this problem; so I suppose version M6 begins the iCard-Registry configuration process well before the same configuration in M4 version using this unknown file (ProvidersConfiguration.xml). Due to the lack of these info and having not clearly understood the "cooking recipe" of M6, we are still using version 1.1M4 SecureStorageICardProvider class to create an instance of this class, in which we import the icard stored in our CRD file. So doing eveything works perfectly, even if we are not completely satiisfied of this M4-M6 code mixing (even if the mixing is very minimal!). At this stage, via the SecureStorageICardProvider.importCard(String) method we can import the card into a ICard instance. The ICard instance just imported will be passed to the handleGetTokenRequest() method; this method is the copy of the org.eclipse.higgins.crpps.service.InfoCardModel.handleGetTokenRequest() method with some changes. For example we remove the invocation of the I-Card Selector Service because we already have the ICard instance. Then we use the org.eclipse.higgins.iss.cardspace.CardSpaceSelector.getIdentityToken(); method to request the security token to the IdP. We only add the ICard object into the parameter containing the information card just imported. Also in this method we have removed the reference to the unused components (in this case the I-Card Registry because we use our ICard). In our work we use three Higgins files only, located into the %configuration-home/Configuration/ folder: . ClientConfiguration.xml: used as envisaged by Higgins 1.1M6 (apart from customising things like keystore name, ...) . PersonalConfiguration.xml: used as envisaged in 1.1M6 even if we remove all tag's values because we don't use personal cards in our context . keystore.jks: containing the X509 certificates associated with the ICards that we want to use to authenticate the client on the IdP with IX509V3Credential. In addition to these files we have the additional ConfigClient.xml file described above. Of course if someone is able to clarify the use of version 1.1M6 SecureStorageICardProvider class and its related config file, we would be able to completely avoid using one M4 class. Any suggestion or hints? As for the 1.1M4 code, TXT is the available to provide to the Higgisn community the new code based on 1.1M6. TIA ============================ Dr. Leonardo Straniero CRS - Corporate Research <http://www.txt.it/> cid:[email protected] c/o Tecnopolis N.O. Strada Prov. per Casamassima Km 3 70010 Valenzano (BA) - Italy
<<image001.gif>>
_______________________________________________ higgins-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/higgins-dev
