Shibboleth Developers

[Jim Fox <>]

> > We weren't think of this in the shib code base.  We do know how
> > exacting and how much trouble that can be.   This was offered
> > more as an example of how a targeted id might be put into
> > production.
> >
> > I think we'll go the route of a web page, explaining what we did -
> > and how and why.
>
> Is it something we can eventually incorporate for 2.0 (or sooner)? It's
> going to be hard to fully support SAML 2.0 without something fairly close to
> that.

I'll leave that up to you.  Our mods to JDBCDataConnector were not so
great, mostly class name changes, and the switch to a call from a query.
Most of the implementation details are on the database server.

The use of external databases for IdP data is going to become more common. 
There's entirely too much reliance on xml-text-as-dbms in shib.

> Now that Cloudscape is available from IBM, it's at least possible to provide
> a real database in a Java package now. When I looked at the quality of the
> alternatives, I was frankly appalled.

I just used the standard jdbc implementation from JDBCDataConnector.
And a driver from mysql, com.mysql.jdbc.Driver.  It's possible that
a more standard driver would work as well.

I'll have to look into Cloudscape, databases and java are new to me.

Jim