Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Difference between revisions of "PDS Client 2.0"

(Earlier Architecture Versions)
 
(21 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}
 
{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}
The PDS Client provides a high level interface for apps that wish to read and write attributes in the [[Personal Data Store 2.0]]. The PDS Client is packaged as either a C++ or Java code library or as a separate operating system process (e.g. on Windows it is a Windows Service).
+
The PDS Client provides a high level interface for apps that wish to read and write attributes in the [[Attribute Data Service 2.0]]. The PDS Client is packaged as either a C++ or Java code library or as a separate operating system process (e.g. on Windows it is a Windows Service).
  
 
=== Functionality===
 
=== Functionality===
Line 16: Line 16:
 
The following diagram highlights (in red) the [[PDS_Client_2.0]], showing it in the context of the rest of the components of the Higgins Active Client 2.0.  
 
The following diagram highlights (in red) the [[PDS_Client_2.0]], showing it in the context of the rest of the components of the Higgins Active Client 2.0.  
  
[[Image:PDS Client 2.0.102.png|center]]  
+
[[Image:Pds client 2.0.104.png|center]]  
  
Questions:
+
====New Questions====
 +
# Where is the wiki doc for API #1 and API #2?
  
#ABX is shown above not integrated with HBX, is this correct? '''A: Currently, there is no HBX component - the only browser extension is named ABX. In the future, when IMI functionality is integrated. The current ABX, will be renamed HBX 2.0 and it will included merged HBX and ABX functionality in a single BX.'''
+
====Answered Questions====
#The ACE/TAO Engine is sitting in the middle of the diagram but not within a process boundary. What process does it run in? Does it run in its own process? '''A: The ACE/TAO Code is running inside the other processes. A CORBA server component is embedded in PDS Client. A CORBA client component is wrapped inside IPCClient component which is loaded by ABX and Dashboard. There is no separate process for IPC.'''
+
# ABX is shown above not integrated with HBX, is this correct?  
#What is the purpose of the Higgins System Service?
+
## A: Currently, there is no HBX component - the only browser extension is named ABX. In the future, when IMI functionality is integrated. The current ABX, will be renamed HBX 2.0 and it will included merged HBX and ABX functionality in a single BX.
#The HSS, HSS Launcher and HSS Manager are all shown running within a single process. Is this correct?  
+
# What is the purpose of the Higgins System Service?  
#Is HBX still talking to HSS via a local socket? When merged with ABX will it then use ACE/TAO IPC instead?  
+
## A: First of all what we need to answer what HSS is. HSS (Higgins Selector Switch) is set of components that were designed to allow to switch between selectors (either higgins or thirdpaty) that conform HSS architecture.  
#Shown above is "JS PDS Client API #1" and "JS PDS Client #2". These are different APIs, correct?
+
### On Windows platform this set includes Higgins System Service (azigo-service.exe), HSS Core library (higgins-ss.dll), HSS Launcher (ss-runner.exe) and HSS Manager (hss.cpl).
#Shown above is a third API: ACE/TAO PDS Client API #3. Presumably this, functionaly, is a superset of API #1 and #2, correct?
+
### On OSX platform this set includes Higgins System Service (azigo-service) and HSS Core library (higgins-ss.dylib)
#Where is the wiki doc for API #1, API #2 and API #3?
+
## A: Higgins System Service is a system service. NT service on Windows and daemon on OSX.
#As shown there is only one "UI Process" within which PDS Dashboard UI, an embedded browser, an app ("JS from an app-card") inside the browser, and "Dashboard Core" code, etc. all run as subcomponents within this single UI process. Is this correct? Does each "JS from an app-card" run within its own browser thread? Does the Embedded Browser run in its own process?
+
## A: Since there is not yet support for IMI in A3, HSS is also not yet in A3.
 +
# The HSS, HSS Launcher and HSS Manager are all shown running within a single process. Is this correct?  
 +
## A: On Windows platform HSS (Higgins Selector Switch) architecture has 3 processes:
 +
### Higgins System Service (azigo-service.exe) - it is a system service that is responsible for running/restarting if necessary HSS Launcher process in each user session
 +
### HSS Launcher (ss-runner.exe) - serves token requests from HBX and redirects them to the selected selector
 +
### HSS Manager (hss.cpl) - control panel UI component that can be used to switch between selectors
 +
### Both HSS Launcher and HSS Manager processes use HSS Core library to handle selector switching and token handling.
 +
## A: On OSX platform HSS (Higgins Selector Switch) architecture has just one process:
 +
### Higgins System Service (azigo-service) - it is a system daemon that use HSS Core library to handle selector switching and token handling.
 +
# Is HBX still talking to HSS via a local socket? When merged with ABX will it then use ACE/TAO IPC instead?
 +
## A: When HBX functionality is merged back into into new architecture it'll use ACE/TAO based IPC instead of local socket.
  
Comments:
+
  
3. The Higgins System Service is system service (azigo-service process), invokes HSS Launcher process with current logged-in user's rights. It's because a system service can't invoke UI on Vista and higher versions, so we need additional process.
+
==== Earlier Versions ====
 
+
There is no additional HSS Launcher process on OSX, it (OS) has capabilities to run system service (daemon) with current logged in user's rights. So HSS code is sitting inside azigo-service process on Mac.
+
 
+
In Azigo3 we have system service as well to run PDSClient process. Architecturally, it's wrong to have one system service to launch both PDSClient and HSS processes. Need to update diagrams here (http://wiki.eclipse.org/PDS_Client_2.0_Design). HSS application is selector independent, so it can (or maybe must) work with Azigo3 app without integration inside Azigo3.
+
 
+
4. The HSS is dynamic library, so it's not executable, not a different process. It's loaded by HSS Launcher on Windows and azigo-service on OSX. HSS Launcher and HSS Manager are just windows specific apps (we don't have HSS Manager on other platforms) and they are run in different processes, HSS Launcher is invoked by azigo-service and HSS Manager is .cpl file (kind of dynamic library) which is invoked by system console. HSS Manager calls HSS's APIs directly.
+
 
+
<br>
+
 
+
==== Earlier Architecture ====
+
  
 
*[[PDS Client 2.0 Design]]
 
*[[PDS Client 2.0 Design]]
 
+
*[[PDS Client 2.0 Original Design]]
==== Original Architecture  ====
+
 
+
The PDS Client 2.0 package is shown in light blue:
+
 
+
[[Image:Active client 2.0.102.png|center]]
+
 
+
It consists of the following C++ components:
+
 
+
*Components 2.0#Permissioning - work not yet started. This component manages and persists the user's permissioning decisions for r-cards.
+
*Components 2.0#PAUL - Personal Agent Utility Layer (PAUL) - the higher level logic of the [[PDS_Client_2.0]]
+
*Components 2.0#Persona Data Provider - An API for the [[Persona Data Model 2.0]]
+
*Components 2.0#STS Client - planned. Need to split out from http://wiki.eclipse.org/Org.eclipse.higgins.iss
+
*Components 2.0#IPC Lib - planned.
+
*Components 2.0#Auth Client
+
*[[Components 2.0#IdAS_Client_C.2B.2B|Components 2.0#IdAS Client C++]] - communicates with [[Personal Data Store 2.0]]
+
*Components 2.0#IdAS API - does this exist?
+
  
 
=== APIs ===
 
=== APIs ===
  
@@@@to be written
+
* [[PDS Client 2.0 JavaScript API]] - Work in progress
 
+
* [[PDS 2.0 REST API]] - Work in progress
=== Schema Mapping ===
+
 
+
The [[PDS Client 2.0]] can map attributes to and from a context-specific schema (aka vocabulary, ontology, data model, etc.) into the [[Persona Data Model 2.0]]. It is also true that if a custom [[Context Provider]] is developed that CP can also do its own mapping. Both cases are shown below:
+
  
[[Image:Pds client 2.0.102.png|center]]
 
  
In the above diagram, the "app" is a browser extension, but any local app could easily have been shown instead. The concept is the same.
 
  
 
[[Category: Higgins Packages]]
 
[[Category: Higgins Packages]]

Latest revision as of 12:08, 9 December 2010

{{#eclipseproject:technology.higgins|eclipse_custom_style.css}} The PDS Client provides a high level interface for apps that wish to read and write attributes in the Attribute Data Service 2.0. The PDS Client is packaged as either a C++ or Java code library or as a separate operating system process (e.g. on Windows it is a Windows Service).

Functionality

The PDS Client 2.0's main purpose is to provides an API the user's data. It also:

  • Maintains a local copy of some or all of the person’s personal data stored in the remote personal data store
  • Maintains (and syncs to a remote personal data store and from there to other PDS Client instances) the user’s permissions–the decisions that the user has make as to who (what app or relying party) has access to what attributes. For example, the first time a new app/RP asks for a certain set of attributes, the PDS Client will trigger the PDS Dashboard to present the policy decision to the user. The next time this same request happens, the PDS Client remembers the grant and usually doesn’t have to bother the user about it this time.
  • Maintains an OAuth WRAP access token that it gets by authenticating itself to an external authentication service. It passes this token along in XDI messages to the remote PDS service.
  • Can be configured to encrypt attribute values before they are sent over the wire (e.g. in XDI messages) to the remote PDS
  • Contains a local Security Token Service (STS) that allows it to create and sign SAML (for example) tokens for self-asserted attributes.
  • Contains an STS client to support remote IdP/STSes managed by external parties (e.g. to support managed i-cards).
  • Performs cross-context schema mapping.

Architecture

The following diagram highlights (in red) the PDS_Client_2.0, showing it in the context of the rest of the components of the Higgins Active Client 2.0.

Pds client 2.0.104.png

New Questions

  1. Where is the wiki doc for API #1 and API #2?

Answered Questions

  1. ABX is shown above not integrated with HBX, is this correct?
    1. A: Currently, there is no HBX component - the only browser extension is named ABX. In the future, when IMI functionality is integrated. The current ABX, will be renamed HBX 2.0 and it will included merged HBX and ABX functionality in a single BX.
  2. What is the purpose of the Higgins System Service?
    1. A: First of all what we need to answer what HSS is. HSS (Higgins Selector Switch) is set of components that were designed to allow to switch between selectors (either higgins or thirdpaty) that conform HSS architecture.
      1. On Windows platform this set includes Higgins System Service (azigo-service.exe), HSS Core library (higgins-ss.dll), HSS Launcher (ss-runner.exe) and HSS Manager (hss.cpl).
      2. On OSX platform this set includes Higgins System Service (azigo-service) and HSS Core library (higgins-ss.dylib)
    2. A: Higgins System Service is a system service. NT service on Windows and daemon on OSX.
    3. A: Since there is not yet support for IMI in A3, HSS is also not yet in A3.
  3. The HSS, HSS Launcher and HSS Manager are all shown running within a single process. Is this correct?
    1. A: On Windows platform HSS (Higgins Selector Switch) architecture has 3 processes:
      1. Higgins System Service (azigo-service.exe) - it is a system service that is responsible for running/restarting if necessary HSS Launcher process in each user session
      2. HSS Launcher (ss-runner.exe) - serves token requests from HBX and redirects them to the selected selector
      3. HSS Manager (hss.cpl) - control panel UI component that can be used to switch between selectors
      4. Both HSS Launcher and HSS Manager processes use HSS Core library to handle selector switching and token handling.
    2. A: On OSX platform HSS (Higgins Selector Switch) architecture has just one process:
      1. Higgins System Service (azigo-service) - it is a system daemon that use HSS Core library to handle selector switching and token handling.
  4. Is HBX still talking to HSS via a local socket? When merged with ABX will it then use ACE/TAO IPC instead?
    1. A: When HBX functionality is merged back into into new architecture it'll use ACE/TAO based IPC instead of local socket.


Earlier Versions

APIs

Retrieved from "https://wiki.eclipse.org/index.php?title=PDS_Client_2.0&oldid=230866"

This page was last modified 12:08, 9 December 2010 by Paul Trevithick. Based on work by Michael McIntosh, Valery Kokhan and Vitaliy .

Back to the top