Shibboleth Developers

[Chad La Joie <>]

STOP! Before reading the main contents of this email please be sure you 
have read this:
http://groups.google.com/group/shibboleth-dev/browse_thread/thread/1fcab032218f8ffb 


Also, this is the last email in my list of design topics.  From here on 
out people should respond to the existing threads or, in the off chance 
that it's a topic that isn't related to any of those threads, start a 
new thread.  I will be doing the same as various things come up while 
work progresses.



This email discusses the general deployment environment (i.e. all the 
stuff around the IdP but that isn't the code we write/maintain).

Following are the things I currently plan to change:

- Update to use Servlet 2.5.  Current IdP uses 2.4.  Version 2.5 was 
released in Sept. 2005.

- Update to use Java 6.  Current IdP uses Java 5 with a strong 
recommendation to use Java 6.  By the time IdP v3 is released all major 
Servlet containers will have supported Java 6 for at least 4 years and 
most major JVM vendors have already stopped supporting Java 5.

- Jetty 7 will become the only officially documented and "supported" 
servlet container.  In this case supported means that we won't instantly 
tell people to go to the Servlet container vendor's support system 
(whatever that may be) but will try to help debug issues where time and 
expertise permits.  It is likely that I will also periodically test on 
Tomcat 7 to ensure that I am not inadvertently relying on some sort of 
Jetty-specific behavior.

- JBoss Infinispan will become the persistence layer of choice for all 
data that must be saved out or clustered assuming all testing with it 
goes fine.  This means that things like the StoredID data connector and 
the consent engine will use this for storing data on the file system and 
the entire IdP will use it for clustering data.  Tools will be provided 
to work with the saved data (e.g. to deactivate stored IDs)

Following are the things I am considering but have yet reached a 
decisions on:

- Providing alternative persistence layer implementations (e.g. 
relational database or LDAP)

- Remove requirement for, but strongly recommend, the endorsement of 
Xerces and Xalan.  The biggest reason I'm undecided about this is that 
Sun's JVM, version 5 and below, are what had the issue.  However it's 
unclear what exactly is going to happen with that JVM so it's unclear 
whether this bug will pop up again and what the best way to deal with it 
will be.

Following are the things I considered but have rejected:

- Update to latest Servlet 3.0 spec.  In particular, one feature that I 
found somewhat compelling is that the web.xml file plays less of a role 
while annotations play more of a role.  This would, in theory, mean that 
IdP extensions that contained servlets would not require a deployer to 
make changes to the web.xml unless the deployer wanted to change 
defaulted configuration values (e.g. servlet paths).  However the spec 
only came out towards the end of last year and it's unclear how many 
products will have mature support for it by the time IdP v3 is released.

--
Chad La Joie
http://itumi.biz
trusted identities, delivered