This page covers design projects that either enhance existing features or add new features. Both open and completed projects are listed on this page.
General
Feature | Leader | Description |
Repository | OPEN | Implement a repository strategy for configuration data and potentially user meta-data. Options include embedded DB, XML files, LDAP. Need to evaluate Use Cases |
Null vs. Empty values | sfehrman | Handling of null values vs. values with zero length (String.length() = 0). Framework, APIs, and Service will be affected. This will apply to the UPDATE Operation. An attribute will be "flagged" for removal. |
Logging Password Data: Payload | sfehrman | Some user data, in the request/response payload, includes password values in clear text. |
Framework Tier
Feature | Leader | Description |
Authorization: Enforcer Representation | OPEN: sfehrman | Implement an Enforcer that supports the requirements of the Representation (Data) decider. This Enforcer provides fine-grained access control leveraging policies that affect request/response data. |
Attribute Function | sfehrman | The Attribute Operation and Function relationship is not very flexible. Need to support more flexibility and address the issue of "required" for an Attribute |
Definition Enhancement | sfehrman | Subject-accessible Attributes (defined within the Definition) need to be extended to support more flexible Use Cases and conditions. An Attribute should support multiple "Functions" that can be associated to any combination of "Operation" and, potentially, mode (re-evaluate if "mode" is still needed). |
i18n | | Design internationalization / localization capabilities |
Configurable Tier Interfaces | | Enhance the interface between the Consumer-Framework Tier and the Framework-Service Tier to be configurable. This will be needed to implement other means of transporting "messages" between the tiers. Transports can include: direct (current design), message queue, database, JPA. |
Async Operations | | Interfaces could support async operations; design options need to be evaluated |
Multi-Service Contexts | | Allow a context to support more than one "Service". Consider allowing Services to relate "in-order", in parallel, or hierarchically. |
Attribute Error/State/Status | sfehrman | Enhance the Attribute/Attr to use Error/Status/State to indicate various conditions that it might have. For example, for a Request to a Service where the Service does not support the Attribute, the operation could continue (minus the Attribute) and the Result could have a matching attribute with a specific State/Error/Status condition. |
Missing Attributes | sfehrman | Enhance the Subject to handle Consumer Tier requests that contain Attributes that do not exist or are not supported by the Service. Reference the solution implemented for release 1.2 |
Enhance Search | sfehrman | Enhance the search to handle the search configuration of each service for controlling default search and service-specific search behavior. Also support Consumer Tier requests that contain advanced search operations |
Support Mime Data Type | sfehrman | Enhance the Framework / Server / Service to support an "Object" Data Type |
Service Tier
Feature | Leader | Description |
JMS | | A Service/Operations for writing to a Java Message Service. Operations should include: CREATE, UPDATE, DELETE |
SCIM | sfehrman | Use the Simple Cloud Identity Management (SCIM) API to implement a Service / Operations. |
Server Tier
Feature | Leader | Description |
RESTful API | sfehrman | Document the API and format of results |
External Attribute Mapper | sfehrman | This project will provide a means to "map" external attributes to internal OpenPTK attributes. This will support bidirectional mapping. |
SCIM Provider | sfehrman | Provider interface that supports the Simple Cloud Identity Management (SCIM) specification ... consumes SCIM requests |
Authorization Check | sfehrman | A mechanism to determine if a given HTTP Method (GET, PUT, POST, DELETE) is (not) allowed against a given URI for a specific user. |
RESTful aliases | dharcey | This project is designed to address the requirements (issue 142) for aliasing the RESTful interface. |
Parser JSON | sfehrman | This parser is used to encode / decode JSON syntax into Structures |
Parser XML | sfehrman | This parser is used to encode / decode XML syntax into Structures |
Applications
Feature | Leader | Description |
CLI | | Output format: ldif, table, csv, xml |
CLI | | Password Change |
JavaFX | harcey | A JavaFX-based application. Leverage RESTful web service |
RESTful consumer (provlet) | harcey | Need more details |
Role usage | | Role examples (CRUD): framework, service, samples |
Completed Projects:
NOTE: All completed projects which have been implemented are listed below. These are the archive versions of the design related topics for features that have already been implemented. They are being kept here for reference.
General
Feature | Description |
Client - Server Validation | Design a mechanism for how the Client can validate itself (authenticate the client, not the end user) to the Server |
Server packaging | Deliver the OpenPTK solution as a deployable service in a web container. Support for online configuration and management |
Download Bundles | Prepare the different download options for various OpenPTK bundles |
Encryption of proxy credentials | Client-side credentials stored for use by the service should be encrypted. This will require a general encryption mechanism used by the Framework and Service |
Error code/message facility | Create a mechanism that would manage error codes, levels, description, and action information. This facility would be used by all Tiers. Developers will register new errors with the facility and leverage an error handling API. All "hard coded" errors will be removed from source files. |
State Enumerations | State Enumerations (in base package) are used by multiple packages. Declare which enumerations apply to a tier. |
Logging | Design and implement an OpenPTK Logging service that will be the centralized logger for all log activities. It should be instantiated based on the Logger settings from the openptk.xml configuration. |
Logging Password Data: Authentication | Various points in the login process are "logging" the user credentials (password) to a file. |
Maven Support | Document the steps necessary for a conversion to a Maven-based project. |
Framework Tier
Feature | Description |
Authentication | Ability to identify who (userPrincipal) is accessing the Consumer Interface. |
Authorization | Using the AutheN, identify what functions/capabilities the userPrincipal is allowed to perform. Leverage the J2EE Declarative Security / Role model (userRole) |
Model, Views, and Relationships | Create a Model that has Views and a Relationship facility to support the concepts of Siblings, Ancestors, and Children |
Attribute Properties | Add Properties to Attributes, needed by the client for dynamic UI |
Function Processing | Handling of function logic and chaining. Allow functions to control the processing to the next / other functions |
Pre Post Operation Actions | Enhance the Operations to support the configuration of Pre and/or Post processing for Operations |
Plugins | A general purpose mechanism for managing and accessing external "plugins" |
Templates | A facility for creating templates that are merged with runtime data. These can be used by multiple parts of the system. The initial requirement is for email templates |
Service Tier
Feature | Description |
Architecture | Interface to the Service/Operation Tier |
SPML2 | A Service/Operations that supports the SPML2 specification. Operations should include: CREATE, READ, UPDATE, DELETE, SEARCH, PWDCHANGE, PWDRESET |
JNDI DN | Use an LDAP search to determine the DN for all operations other than create. |
Oracle Identity Manager 11g | Use the Oracle Identity Manager 11g Java API to implement the Services / Operations. |
Server Tier
Feature | Description |
RESTful Web Service | Create a REST web service interface that supports the OpenPTK Operations |
RESTful Header variable mime-type alternatives | Provides a means to set the mime-type for the data. The mime-type can be set by either using a URI "suffix" or by setting a Query Parameter. This can be used instead of setting the HTTP Header variables: Content-Type and/or Accept |
Applications
Feature | Description |
2.0 Identity Central Interface | UI for the Identity Central sample application design for 2.0 |
Enhance Portlets | Update the Portlet samples to include "Registration" and "Forgotten Password" use cases |
Registration | End User interface for self registration |