Skip to Content.
Sympa Menu

shibboleth-dev - RE: More defined custom extensions mechanism

Subject: Shibboleth Developers

List archive

RE: More defined custom extensions mechanism


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: "'Tom Scavo'" <>
  • Cc: "'Chad La Joie'" <>, "'Walter Hoehn'" <>, "'Shibboleth Developers'" <>, "'Von Welch'" <>
  • Subject: RE: More defined custom extensions mechanism
  • Date: Wed, 6 Jul 2005 14:29:48 -0400
  • Organization: The Ohio State University

> That's a possibility, yes. I guess it depends on what steps you're
> willing to take to protect the contents of etc/. Personally, I would
> never delete that directory or overwrite anything in it, even if an
> interactive user says "yes" to the prompt. It's just too easy to
> shoot yourself in the foot.

I totally agree, I mentioned it yesterday on the call.

> You convinced me earlier that mods to the IdP config are a one-time
> operation, period. Thanks for straightening me out on that, and we've
> adjusted our strategy accordingly. However, mods to the metadata file
> and the gridmap files are ongoing. AFAIK such changes will have
> little or no effect on a running IdP.

Agreed, but I wouldn't be running those tools from the install process.

> We will supply tools to manage the metadata file and the gridmap
> files. (Presumably these tools will be stored in $IDP_HOME$/bin.)
> Initially, the tools will be simple scripts (if anything) that copy
> the metadata file and/or the gridmap files into the tomcat webapp
> directory. For this to work, the scripts will need access to
> build.properties, specifically, ${tomcat.home} and ${idp.webapp.name}.
> So this raises two additional questions:
>
> 1) Can an extension have a bin/ directory, which is automatically
> copied over into the $IDP_HOME$/bin directory?

I think that ought to be supported. The last thing I'd want to do is prevent
people from helping us by supplying useful stuff in bin.

> 2) Can a script in $IDP_HOME$/bin have access to build.properties?

I think that's wrong. I think you should use SHIB_HOME to find the root and
then locate things relatively from there.

> I can see some problems with the latter, but how else will scripts in
> $IDP_HOME$ know where the webapp is?

It's not the webapp that matters, ideally it's built from the source
whenever required and just sits in TOMCAT_HOME/webapps. It's SHIB_HOME that
should drive tools. Moreso than even now, in fact, we don't use it much
except for locating jars to build the classpath (see our utility shell
scripts).

-- Scott




Archive powered by MHonArc 2.6.16.

Top of Page