Hello David, In IdAS (an API layer that abstracts from different identity related data sources) there is the concept of Authentication Materials: http://wiki.eclipse.org/Authentication_Materials
Authentication Materials are represented by the interface IAuthNMaterials in org.eclipse.higgins.idas.api. There are some implementation classes (e.g. for username/password, saml token, etc) in org.eclipse.higgins.idas.common. You need to pass one of them to the IContext.open() method to open an IdAS Context. E.g. if you want to open an LDAP Context, you may need an AuthNNamePasswordMaterials object (username / password). Authentication Materials can be (de-)serialized to strings, so that they can be sent over the network (see the AuthNMaterialsSerializer class). There are pre-defined "type" strings for Authentication Materials in IAuthNMaterials. Sometimes, the Authentication Materials type or even the Authentication Materials themselves can be discovered from a UDI that points to a Context: http://wiki.eclipse.org/UDI So, you could extend this by writing your own class that implements IAuthNMaterials. Of course you also need an IdAS Context Provider that understands your own type of Authentication Materials. Maybe this helps a bit. This is generic IdAS information. Unfortunately I don't know so much about how exactly the Higgins STS / Bandit use the IdAS layer. Markus On Fri, Dec 4, 2009 at 11:43 AM, David Campos <[email protected] > wrote: > Hello all, > > Maybe I'm wrong with what I guess but since I saw that BanditIdP could do > it and knowing that bandit is based on Higgins STS implementation I would > like to know how to use other authentication in Higgins Framework. What I > want is to allow to possible IdP users to access their profile after being > authenticated with a UN/PW pair, an iCard or and OpenID URL. > > As I have seen, going through axis1x binding code, credentials are needed > in order to access to the profile (I guess that it's an IdAS requirement). > There is any way to use other authentication methods? Do I need to wrap a > class made by me in order to do this authentication or Higgins already has a > way to extend this behavour? > > I say this because I saw and tested Bandit IdP method. I know that on that > IdP the user needs to associate his P-Card PPID to its account but that's > not a trouble after all. > > I hope you can help me. > > Regards, > --- > David Campos > Safelayer Secure Communications > DMAG UPC Researcher > > _______________________________________________ > higgins-dev mailing list > [email protected] > https://dev.eclipse.org/mailman/listinfo/higgins-dev > >
_______________________________________________ higgins-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/higgins-dev
