This page describes the architecture of the core components planned for Higgins 1.0
Client apps and services that use these core components are expected to include:
- Higgins Browser Extension
- "Relying Party" websites that will consume identity data provided by Higgins-based services. These would use at least the "RP Enablement" component mentioned below
- Eclipse RCP apps can leverage the ISS Client UI app for authentication
- Enterprise apps that could potentially rely on one or more of: I-Card Selector Service, ISS Web UI, ISS Client UI, and Identity Attribute Service
- RP Enablement
- I-Card Manager
- HBX Support
- ISS Web UI
- ISS Client UI
- I-Card Selector Service (ISS)
- I-Card Registry
- I-Card Provider
- Attribute-Claim Mapping
- Token Service
- Token Provider
- Identity Attribute Service (IdAS)
- Context Provider
Recent changes to the diagram
- v27: Renamed "Token Issuer" to "Token Service"
- v25-6: Rename i-card broker/manager to i-card manager; change line at top connected to ISS Web UI to red (to reflect a possible deployment option is that the ISS Web UI runs local (on same machine as browser))
- v24: Changed how "Attribute/Claim Mapping" component interconnects with Token Provider
- v23: Added a new component, "Attribute/Claim Mapping"; Changed Token Provider to (optionally) pull claim data from I-Card Provider (instead of directly from IdAS, as it had been in v22).
- v22: Split ISS into two: ISS and I-Card Registry; Renamed DI Provider Framework to Token Issuer; And renamed DI Issuer to Token Provider per discussion at most recent F2F.
- v21: Removed the "contributed to Higgins" vs. "Higgins component" distinction; Added "optional" interconnect lines; renamed I-Card Broker to "I-Card Manager (Webapp)"; added annotation for I-Card File/Wire Format;
- v20: Renamed STS to DI Issuer Framework; Renamed Token Provider to DI Issuer; Added local/remote interconnect lines; removed HBX and other requesters (to separate diagram)
- v18-19: Interface to local STS moved to I-Card Providers (from ISS); Removed "Identity Provider" grey box at the top; Moved Relying Party from the top to its own "Relying Parties" area at the right. Moved lower grey IdP box into its own separate "Service Provider" area. Changed font to Bookman Old Style.
- v17: Added two new grey boxes: File Import & Export (of I-Cards), Remote IdP; added a line to show that I-Card Broker WebApp will use IdAS API directly
- v16: Added a line from "Local or Remote Enterprise Apps" to the top of "ISS UI (Rich Client)"; Also, added a new grey box: "Identity Provider (Issuer)"
- v15: Added "Browser" grey box
- Added in missing ISS UI (Rich Client) component --needed to mimic exactly
- CardSpace's WinXP-based architecture
- Connected the Relying Party to both the Browser and to HBX
- Removed End User Components, Developer, Enterprise -> simply added "Enterprise" to :large grey box text instead
- Removed the RCP Demo App entirely (retiring it)
- Switched the interconnecting lines style
- Split ISS UI & HBX Support into two separate components: ISS UI (WebApp) and HBX :Support
- Shortened Relying Party Tags & Impl to "Relying Party"
- v11-14: Added I-Card Providers to ISS; now I-Card Providers consume IdAS API not ISS; add "Enterprise" label
- v10: Added I-Card Broker Web App to diagram and text
- v9: Added to IdAS API: Local Language Bindings; added two directional arrows to/from STS; added a "gray" STS
- v8: Minor formatting tweaks.
- v7: Split Higgins core into "IdAS" and "Identity Selector Service", removed "root" Context Providers from diagram, added PAM integration, removed all color coding relating to development status, added "3rd party contributed" distinction/color. Higgins has now become just the name of the enclosing projects, but the component names no longer contain "Higgins".
- v6: Added two JAAS boxes