Shibboleth Developers

[Scott Cantor <>]

> Attribute names used in ARPs has not significance other than 
> finding the LDAP attribute and the java class that creates the SAML 
> attribute.  So if I use the name "foo" for an attribute in an ARP then
> AA uses that name to find the value for attribute "foo" in LDAP (or
other 
> repositories).  Then it loads the java class foo.class to handle this
> attribute.  Java code decides what the external name, scope, value,
etc.
> for the attribute should be.

Later on, could we build this in as metadata around a "catalog" of
registered attributes, and reference the attributes by their full name?

For example, on the C++ side, I register a function against the
namespace and URN of each attribute, so that the runtime can dynamically
call the right class based on the attributes it finds.

The Java code also does this for other SAML extension points like
Condition, Query, and Statement.

I have a simple Hashtable right now in SAMLAttribute that was intended
to be a starting point for this kind of thing. My thinking is to be able
to have different components like the AA, ARP tools, etc. share this
information and have it be self-registered by the attribute classes when
they are incoporated into the running code.

-- Scott

------------------------------------------------------mace-shib-design-+
For list utilities, archives, subscribe, unsubscribe, etc. please visit the
ListProc web interface at 

    http://archives.internet2.edu/

------------------------------------------------------mace-shib-design--