2 Replies Latest reply on Mar 17, 2009 12:14 PM by anil.saldhana

    Features request

    aamonten

      Hi,
      those are some features request that I have collected and think will be appropiate to implement in the future.


      * High availability of IDPs, as IDP is a web applicaction I dont think this is a mayor issue until it has more features.
      * Provisioning in all IDPs, adding, update an identity and the these change should been available on all IDPs. There has been discussions related to the use of SPML.
      * Support of Web Services, ID-WSF (this is already in JIRA)
      * Auditing and monitoring of events like intended logins.
      * Centralized repository for managing authorization rules.

      what do you think, any out of scope of federation server?

        • 1. Re: Features request
          anil.saldhana

          All good requirements.

          1) High availability of IDP.

          I think this will go along with the high availability of the containers. JBoss Clustering (ClusteredSingleSignOnValve needs to be turned on).

          2) The IDM API is supposed to be the provisioning api. Certainly SPML can be used between the consoles and the API.

          3) There will be WS-T support in addition to ID-WSF.

          4) Auditing will be available as part of the JBoss Security integration (a loose end that I am still trying to get integrated).

          5) This is the higher layer above JBossXACML that Sohil has been driving.


          Currently, there are some hooks in the IDM layer for pseudonyms etc. We need to do https://jira.jboss.org/jira/browse/JBID-64 to get the Identity Federation layer aware of IDM.

          • 2. Re: Features request
            anil.saldhana

            As I view it, IDM is a identity layer that handles user/roles/attributes combination for a particular domain. Between domains, there can be federation.