The initial code-drop for IGF Attribute Services API has been checked in. This drop is based on igf-carml-08 schema (and is included in the project code repository).

In SVN you can either download the head version (under trunk), or the milestone0.2 version under branches.

Within each of trunk and branches/milestone0.2 you will find two eclipse projects:

• org.openliberty.igf.attributeServices
• org.openliberty.igf.attributeServices.test

The latter project is the JUnit code that tests the API in the first project. The JUnit code is currently the best way to see examples of how to use the API at this time.
Note: I don’t see any reason why these projects shouldn’t work in NetBeans or JDeveloper. However, I must confess I haven’t tested them. I was following the id-wsf client project’s example by using Eclipse. Since this release is still an early release, no build files have been constructed yet. This release is for comment and input.

Highlights for this check-in are:

• Basic implementation of the Attribute Services API including
• Carml Schema Declaration
• Simplistic WS-Policy support - policy is currently not interpreted at this time (see note below)
• Carml Transaction Declaration (Add, Authenticate, Delete, Modify, Read, Search)
• Transaction Implementation (for all above)
• IGF Stack Provider Interface - the interface that products like OVD need to implement to accept an IGF Attribute Service client.
• CARML document reader and writer methods
• JAAS LoginModule Implementation - rudimentary integration with platform/container security
• JUnit tests validating operations above. Note: the Write CARML step fails since XML is not done
• A Test provider that simulates a memory based repository.

There are still many items to implement, some of which are:

• Policy Assertions is still just a dumb object. And igf-appidpolicy and igf-deployid policy are not implemented. I’m still looking for a good open source implementation of WS-Policy - I found Apache Neethi, but it had some questionable dependencies that I still need to research.
• No server-side support such as AAPML
• IDE Integration Tools - this is another (much bigger) project that will happen likely after Liberty publishes IGF specs.
• There is no end-to-end demo. Next step is to write providers for Higgins IdAS and other possible connectors or attribute authorities.
• Deployment management - the API does not handle configuration management. This would be the job of the provider (e.g. OVD, Higgins) to decide how best to handle this.

The API description on the openLiberty site has been revised. The chief reason is we made some major changes after broader discussion:

• Separated schema from transactions. Now schema is declared on its own and transactions use schema….rather than the other way around. This is more friendly to enterprises who would like to use standardized schema or use enterprise standard schemas.
• Introduction of Roles and Filters
• Support for WS-Policy and the new drafts for (igf-appIdPolicy and igf-DeployIdPolicy)

Enjoy