Skip Menu |
 

Subject: NIM: FEATURE: LIB: Query Language for Identity Properties
Design and implement a query language for use in obtaining data from the
NIM identity database.

This Query language and API would be for the use of third party
applications as well as libraries which need access to the user or
organization configuration data.

Types of queries that can be issued include return:

* "the 'DefaultCCName' for the 'jaltman@ATHENA.MIT.EDU' identity

* "the 'X509 Certificate' which can be used to obtain krb5
credentials using the principal name 'jaltman@ATHENA.MIT.EDU'

This query API should be used in place of querying the registry directly
because responses might be computed from available data. For example,
if there is no 'DefaultCCName' property specified by the user, a default
will be computed depending upon whether API, FILE, or other types of
ccaches are the default.

For the X509 certificate query, resolving the query might require
searching the Windows Certificate Store for a certificate containing the
required properties.

Only items that are specified in the published schema will be eligible
for searching.