blob: 6fd8432ccc1d277c9259e3217dc5ee92838bffc5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
======================
The Lasso Architecture
======================
Doesn't store, doesn't communicate.
Modeled on liberty profiles; one profile = one class
Objet oriented but in C. Talks about how this work (necessary to know for the
lasso_profile functions)
------
Lasso provides the necessary functions to implement Liberty Alliance profiles,
as defined in the `Liberty ID-FF Bindings and Profiles Specification`_ and
explained in the previous chapter. Each profile maps to a Lasso class:
===================================== =============================
Single Sign-On and Federation LassoLogin
Name Registration LassoRegisterNameIdentifier
Federation Termination Notification LassoFederationTermination
Single Logout LassoLogout
Name Identifier Mapping LassoNameIdentifierMapping
Identity Provider Introduction *not implemented*
Name Identifier Encryption *not implemented*
===================================== =============================
There are also a few other classes to know about:
- LassoServer holds the data about a provider, which other providers it knows,
what certificates to use, etc.
- LassoIdentity holds the data about a Liberty federated identity
- LassoSession holds the data about an active Liberty session.
- LassoProfile is the base class for profiles.
Talk more about respective usage of Identity and Session.
.. _Liberty ID-FF Bindings and Profiles Specification:
http://www.projectliberty.org/liberty/content/download/319/2369/file/draft-liberty-idff-bindings-profiles-1.2-errata-v2.0.pdf
|