Bug 6501 - refactor the EntityMap interface
Status: RESOLVED FIXED
: GridShib
SAML/Binding Tools
: 0.5
: All All
: P3 normal
: beta
: 6500
: 6427
Reported: 2008-10-24 14:23 by
Modified: 2008-11-01 10:13 (History)


Description From 2008-10-24 14:23:21
The current EntityMap interface is very simplistic:

public interface EntityMap {
    public boolean hasMetadata(String entityID);
    public String getDN(String entityID);
    public X509Certificate getX509Certificate(String entityID);
}

Note: The getX509Certificate is not yet implemented (since it requires SAML
metadata).  See the following API docs for a summary of the package that
contains EntityMap:

http://gridshib.globus.org/docs/gridshib-saml-tools-0.5.0/api/org/globus/gridshib/common/mapper/package-summary.html

To accommodate the one-to-many mappings described and implemented in Bug 6500,
a more general approach is needed, perhaps something like the following
interface:

public interface EntityMap {
    public boolean hasMetadata(String entityID);
    public Set getDNs(String entityID);
    public Set getScopes(String entityID);
    public Set getX509Certificates(String entityID);
}

There's no need to preserve getDN and getCertificate in the face of getDNs and
getCertificates, so the interface is going to break.  Consequently, now might
be a good time to consider Bug 5550 as well.
------- Comment #1 From 2008-10-31 11:41:17 -------
After wading through the details, the proposed interface described in the
description has given way to the following interface: 

public interface EntityMap {
    public boolean hasMetadata(String entityID);
    public Set getDNs(String entityID);
    public String getDN(String entityID);
    public X509Certificate getX509Certificate(String entityID);
}

Only the getDNs(String) method is new.  None of the existing methods will be
deprecated.  In particular, the getDN(String) method will return one of the DNs
returned by getDNs(String).  It is up to the implementation to determine which
DN is returned.

It doesn't make sense to modify the EntityMap interface further.  The next step
should be the implementation of SAML metadata (Bug 6504).  At that point, the
EntityMap interface itself should be deprecated.
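
The getDN/getDNs contract described in comment #1, as an added example that is not GridShib code or part of the original comment. The class names, the entityID and DN values, and the isMapped helper are hypothetical; the raw Set is narrowed to Set<String> and getX509Certificate is left out.

```java
import java.util.*;

// Interface from comment #1, minus getX509Certificate (assumption: omitted for brevity).
interface EntityMap {
    boolean hasMetadata(String entityID);
    Set<String> getDNs(String entityID);
    String getDN(String entityID);
}

// Hypothetical in-memory implementation; not GridShib's EntityMapFile or EntityMapDir.
class InMemoryEntityMap implements EntityMap {
    // LinkedHashSet keeps insertion order, so getDN() is deterministic.
    private final Map<String, Set<String>> map = new HashMap<>();

    void add(String entityID, String dn) {
        map.computeIfAbsent(entityID, k -> new LinkedHashSet<>()).add(dn);
    }

    public boolean hasMetadata(String entityID) {
        return map.containsKey(entityID);
    }

    // Unknown entities yield an empty set; callers cannot mutate the mapping.
    public Set<String> getDNs(String entityID) {
        Set<String> dns = map.get(entityID);
        return dns == null ? Collections.<String>emptySet()
                           : Collections.unmodifiableSet(dns);
    }

    // Always one of getDNs(): here the first DN added, or null if unmapped.
    public String getDN(String entityID) {
        Iterator<String> it = getDNs(entityID).iterator();
        return it.hasNext() ? it.next() : null;
    }
}

class EntityMapDemo {
    // A caller matching a peer DN tests membership in getDNs();
    // comparing against getDN() alone would miss every DN but one.
    static boolean isMapped(EntityMap m, String entityID, String peerDN) {
        return m.getDNs(entityID).contains(peerDN);
    }

    public static void main(String[] args) {
        String id = "https://idp.example.org/shibboleth";   // constructed sample
        InMemoryEntityMap m = new InMemoryEntityMap();
        m.add(id, "CN=idp.example.org,O=Example");          // constructed sample DNs
        m.add(id, "CN=idp2.example.org,O=Example");
        System.out.println(m.getDN(id));
        System.out.println(isMapped(m, id, "CN=idp2.example.org,O=Example"));
        System.out.println(isMapped(m, "urn:unknown", "CN=idp.example.org,O=Example"));
    }
}
```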
------- Comment #2 From 2008-10-31 12:33:16 -------
Refactored EntityMapFile and EntityMapDir:

public class EntityMapFile extends SetMapFile implements EntityMap;
public class EntityMapDir extends SetMapDir implements EntityMap;

Note that the SetMapFile and SetMapDir classes are new (Bug 6500).

What this means is that the GridShibEntityMapper now supports one-to-many
mappings of entityID into sets of DNs.
------- Comment #3 From 2008-10-31 12:45:47 -------
Refactored the TrivialEntityMap, which is a trivial implementation of the
EntityMap interface (used by the SAMLSecurityInfoTool and
GridShibSecurityTest).
------- Comment #4 From 2008-10-31 12:47:19 -------
Committed all resources to CVS HEAD.  The refactored EntityMap interface (and
its implementations) will be distributed with GS-ST v0.6.0.
------- Comment #5 From 2008-11-01 09:40:29 -------
Reopened this bug.  Add getDNs(String) method to GridShibEntityMapper and patch
the relevant methods in SAMLUtil.
------- Comment #6 From 2008-11-01 10:13:32 -------
(In reply to comment #5)
> Add getDNs(String) method to GridShibEntityMapper and patch
> the relevant methods in SAMLUtil.

Done.  Will be distributed with GS-ST v0.6.0.