OpenSAML user discussion

[Tom Scavo <>]

On 1/13/06, Scott Cantor 
<>
 wrote:
> >
> > If one nameid has no format attribute
> > and another nameid is explicitly set to 'unspecified', the two
> > elements are comparable, aren't they?
>
> Comparable, certainly. Equal? Depends on who you ask and why. They sure
> aren't equal in the eyes of a digital signature.

Certainly.  However, two such nameids are semantically equivalent.

> In an extensible data model, comparison can be extremely complicated, and
> leaving it outside the library allows applications to define what
> equivalence means for a given use case.

I don't know if you consider a SAMLNameIdentifier format handler an
application, but I claim it's not possible to workaround this problem
with a handler alone (unless you allow null and empty format URIs in
formatMap).  Some changes to SAMLNameIdentifier are required,
including an equals method that properly handles null or empty
formats.

> It has the downside of not enabling
> certain kinds of algorithms, if those algorithms depend on Object.equals().

That's why it is generally a good idea to override equals.

> You don't have to agree with the trade-off I made, but I'm explaining that
> the contract works the way I intended it to, that no objects are considered
> "equal" unless they are the same object.

I guess I'm arguing this is too strict for SAMLObjects.

Tom