StorageService and IdP3

Cantor, Scott cantor.2 at
Tue Sep 16 14:15:00 EDT 2014

On 9/16/14, 1:25 PM, "Szerb, Tamas" <toma at> wrote:
>I was looking around the StorageService, and my first question came, why
>we need to deal with it when it would be possible to put all data into
>HttpSession which can be easily persisted and clustered with servlet

This is a dev list question, but the answer is that it's not "easily"
persisted. None of the state in the IdP is Java Serializable. That would
require a complete rewrite of OpenSAML along with a change to the most
basic design constraint we started with.

Secondly, requiring a container session would preclude using client side
storage where applicable, not to mention that it would make alternative
storage options non-portable and container-specific.

In short, it's a bad idea.

>The second one that I see that IdP 3.0.0alpha2 has a JPA implmenetation
>from OpenSAML; is there any experience with it?

Just unit tests. The amount of outside testing of V3 has been minimal, and
the eventual release schedule and the likely bug count will reflect that.

> Where is the source of that IdP?


All trunks.

Please use dev for any V3 related issues.

-- Scott

More information about the users mailing list