OpenSAML user discussion

[Xiang Yang <>]

Hi all,

This is a mixed question of general saml issue and opensaml. Because of
the opensaml part I think it is perhaps better to post it here than to
the saml-dev list.

I am developing a protocol to send metadata among IdPs and SPs within a
federation or even between federations in a dynamic manner. For example,
if entity A trusts entity B and B trusts C, then B automatically sends
the metadata of C to A so that the trust relationship between A and C
also can be established automatically / dynamically. 

Now I use the AttributeQuery to encapsulate my protocol message. The
reason to do it so is that I can use the opensaml API to quickly develop
a prototype and the first implementation is almost finished upon this
basis. I mapped following saml elements to my protocol elements:
subject -> msg header
attribute -> msg body
issuer -> entity id
NameQualifier of issuer -> federation id
NameQualifier of subject -> message type

However, I always have the doubt that I am misusing the AttributeQuery
instead to define my protocol cleanly. Thus, my question, is it usual to
use AttributeQuery for other purposes like mine than to retrieve / send
attributes? Do I really need an extension to RequestAbstractType? If I
decide to create a class implementing the interface RequestAbstractType
of opensaml, how much cost could it be? Do I have to create appropriate
Builder, Marshaller, Unmarshaller as well encrypted type for my
extension?

Many thanks,

Yang