On 20/09/2012 17:39, Colm O hEigeartaigh wrote: > Hi all, > > If I'm not mistaken, the ability to support binary attributes as > defined in SYNCOPE-123 will give the ability to import user > Certificates as an Attribute in Syncope. So for example if you are > importing users from an LDAP backend, you could map the inetOrgPerson > userCertificate attribute to a local binary attribute in Syncope. > > The question is whether we should consider Certificates as a special > kind of User Attribute in Syncope rather than just a binary attribute? > Maybe the Subject DN of the certificate would be displayed on the > console for example, or the PEM format of the certificate could be > displayed for copying+pasting. Perhaps the REST interface could also > give special access to X509Certificates? > > Just some thoughts, I appreciate any feedback!
Hi Colm, very nice to start discussing about this! I've added a reference to this mail thread to SYNCOPE-123. What you say above about certificates is perfectly reasonable; what about images, PDF files, or any other kind of binary data? We may think to implement an extensible mime-type handling mechanism. Let's consider some examples of attribute schema definition: for Date you need to provide the conversion pattern (from / to String), for Enum you need to provide the enumeration labels and values. Why not imagine that when defining a Binary attribute schema you will need to provide the mime-type? There could be a pluggable list of supported mime types with associated features: for X509Certificates get DN and PEM, for image/jpeg get width and height, and so on. WDYT? -- Francesco Chicchiriccò ASF Member, Apache Cocoon PMC and Apache Syncope PPMC Member http://people.apache.org/~ilgrosso/
