Skip to main content

Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Org.eclipse.higgins.idas.proxy

{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}

Higgins logo 76Wx100H.jpg

This page describes the higgins.idas.proxy component (IdAS Proxy), which exposes IdAS services at an XDI endpoint. The idea is that the IdAS Proxy runs a full IdAS stack including a set of Context Providers. Thin clients can then talk to this IdAS Proxy.

The IdAS Proxy uses the UDI Resolver for resolving UDIs on a client's behalf.

The IdAS Proxy uses the Attribute Service for exposing a Context after opening it on a client's behalf.

If configured appropriately, the IdAS Proxy can act as a Personal Data Store.

Javadoc

Service

XDI Messages are used by a client to communicate both with the IdAS Proxy and the Attribute Service. The following sections describe the XDI messages understood by the IdAS Proxy.

Contexts

A client can request a Context UDI to be resolved to Context Metadata:

=sender
	$get
		/
			$
				$is$a	<-- request the Context Types -->
				$authn$type	<-- request the Authentication Materials Types -->
				$authn	<-- request the Authentication Materials -->
$
	$value
		"[Context UDI]"

A client can request a Context UDI to be resolved and an Attribute Service endpoint to be instantiated for the Context.

=sender
	$get
		/
			$
				$uri$http	<-- request an Attribute Service endpoint for the Context -->
$
	$value
		"[Context UDI]"
	$authn$type
		[Authentication Materials Type]	<-- type of Authentication Materials for opening the Context -->
	$authn
		"[Authentication Materials]"	<-- Authentication Materials for opening the Context -->

The above messages can also be combined in different ways by including all desired XDI predicates in the XDI request. For example, if the predicate $is$a and $uri$http are included in the message, the Context Types will be returned, AND an Attribute Service endpoint will be instantiated.

Entities

A client can request an Entity UDI to be resolved:

=sender
	$get
		/
			=
				$uri$http	<-- request an Attribute Service endpoint for the Context -->
				=	<-- request the Entity ID in the Context -->
=
	$value
		"[Entity UDI]"
	$authn$type
		[Authentication Materials Type]	<-- type of Authentication Materials for opening the Context -->
	$authn
		"[Authentication Materials]"	<-- Authentication Materials for opening the Context -->

Attributes

A client can request an Attribute UDI to be resolved:

=sender
	$get
		/
			+
				$uri$http	<-- request an Attribute Service endpoint for the Context -->
				=	<-- request the Entity ID in the Context -->
				+	<-- request the Attribute ID on the Attribute -->
+
	$value
		"[Attribute UDI]"
	$authn$type
		[Authentication Materials Type]	<-- type of Authentication Materials for opening the Context -->
	$authn
		"[Authentication Materials]"	<-- Authentication Materials for opening the Context -->


See Also

Back to the top