Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

Attribute Service 1.1

(Redirected from Attribute Service 2.0)

{{#eclipseproject:technology.higgins|eclipse_custom_style.css}}

Higgins logo 76Wx100H.jpg

The Attribute Service 1.1 provides a web services binding over the IdAS 1.1 Package. The first protocol we support is XDI

Architecture

Attribute-service-1.1.103.png
(Diagram Key)

Components:

Packages:

Authentication

Authentication issues include:

  1. How does the RP (in some cases this may be the selector client) discover what type of authentication materials are required? How are these types described (e.g. as a URI)?
  2. What types of authentication materials should be supported?
  3. How should the authentication credentials be serialized in the data sharing protocol?

RP Authentication Scheme Discovery

How the RP discovers the kind of authentication materials required depends on the type of value of the resource-udr claim. There are two possibilities. If the value is an Entity UDI then the type of authentication materials is described as a URI in the XRD of the target Context that is found during URI resolution. If, on the other hand, the value is an XRD, then the URI describing the type of authentication material required will be included in this XRD. These URIs are described in the the Authentication Material Types section of Authentication Materials.

Authentication Credential Serialization

This issue lives at two levels:

IdAS Layer

How will authentication credentials be serialized at the IdAS layer?

2009-02-26 – TODO - Markus to post a proposal.

Data Sharing Protocol Layer

How authentication data is serialized is protocol dependent. This serialization must be covered by the data sharing protocol specifications and if necessary the schema/dictionary specifications used by that protocol for the specific authentication schemes.

To use XDI as an example, the overall serialization formats for XDI are being defined in the XDI Serialization specification. Then the encoding of the specific XDI data types involved with a particular authentication scheme is specified in the XDI dictionary defining those data types. (XDI dictionaries semantics is being defined in the XDI Dictionary specification.)

See Also

Back to the top