shibboleth-dev - [Shib-Dev] [IdPv3] Deployment Environment
Subject: Shibboleth Developers
List archive
- From: Chad La Joie <>
- To:
- Subject: [Shib-Dev] [IdPv3] Deployment Environment
- Date: Wed, 11 Aug 2010 15:24:50 -0400
- Organization: Itumi, LLC
STOP! Before reading the main contents of this email please be sure you have read this:
http://groups.google.com/group/shibboleth-dev/browse_thread/thread/1fcab032218f8ffb
Also, this is the last email in my list of design topics. From here on out people should respond to the existing threads or, in the off chance that it's a topic that isn't related to any of those threads, start a new thread. I will be doing the same as various things come up while work progresses.
This email discusses the general deployment environment (i.e. all the stuff around the IdP but that isn't the code we write/maintain).
Following are the things I currently plan to change:
- Update to use Servlet 2.5. Current IdP uses 2.4. Version 2.5 was released in Sept. 2005.
- Update to use Java 6. Current IdP uses Java 5 with a strong recommendation to use Java 6. By the time IdP v3 is released all major Servlet containers will have supported Java 6 for at least 4 years and most major JVM vendors have already stopped supporting Java 5.
- Jetty 7 will become the only officially documented and "supported" servlet container. In this case supported means that we won't instantly tell people to go to the Servlet container vendor's support system (whatever that may be) but will try to help debug issues where time and expertise permits. It is likely that I will also periodically test on Tomcat 7 to ensure that I am not inadvertently relying on some sort of Jetty-specific behavior.
- JBoss Infinispan will become the persistence layer of choice for all data that must be saved out or clustered assuming all testing with it goes fine. This means that things like the StoredID data connector and the consent engine will use this for storing data on the file system and the entire IdP will use it for clustering data. Tools will be provided to work with the saved data (e.g. to deactivate stored IDs)
Following are the things I am considering but have yet reached a decisions on:
- Providing alternative persistence layer implementations (e.g. relational database or LDAP)
- Remove requirement for, but strongly recommend, the endorsement of Xerces and Xalan. The biggest reason I'm undecided about this is that Sun's JVM, version 5 and below, are what had the issue. However it's unclear what exactly is going to happen with that JVM so it's unclear whether this bug will pop up again and what the best way to deal with it will be.
Following are the things I considered but have rejected:
- Update to latest Servlet 3.0 spec. In particular, one feature that I found somewhat compelling is that the web.xml file plays less of a role while annotations play more of a role. This would, in theory, mean that IdP extensions that contained servlets would not require a deployer to make changes to the web.xml unless the deployer wanted to change defaulted configuration values (e.g. servlet paths). However the spec only came out towards the end of last year and it's unclear how many products will have mature support for it by the time IdP v3 is released.
--
Chad La Joie
http://itumi.biz
trusted identities, delivered
- [Shib-Dev] [IdPv3] Deployment Environment, Chad La Joie, 08/11/2010
Archive powered by MHonArc 2.6.16.