Persistent Id with local databases.
This describes a method that maintains persistent ids in local, independent PostgreSQL databases. The databases stay synchronized automatically because each host updates its own database in exactly the same way for any combination of user and RP. In addition, the method allows for editing of persistent ids and for associating a persistent id with all members of an RP 'cluster'.
Database
The database consists of a table for relying parties (rp) and a table for the persistent ids (tgtid).
database definitions
CREATE TABLE rp (
rpno integer,
rpid text NOT NULL
);
ALTER TABLE ONLY rp ADD CONSTRAINT rp_rpid_key UNIQUE (rpid);
CREATE TABLE tgtid (
rpno integer,
regid character(32),
tgtid character(32)
);
ALTER TABLE ONLY tgtid ADD CONSTRAINT tgtid_regid_key UNIQUE (regid, rpno);
A function, tid2, either returns the existing value for a user and RP or generates, stores and returns a new value.
tid2 function
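CREATE FUNCTION tid2(character, text) RETURNS character
LANGUAGE plpgsql AS $_$
declare
  my_tgtid char(32);
  my_rpno integer;
begin
  -- $1 = regid (user), $2 = rpid (relying party)
  -- return the stored id for this user and RP, if there is one
  select into my_tgtid tgtid from tgtid,rp where tgtid.regid=$1 and rp.rpid=$2 and tgtid.rpno=rp.rpno;
  if not found then
    -- none yet: look up the RP's number (the RP must already be in the rp table)
    select into my_rpno rpno from rp where rpid=$2;
    -- derive the new id; xxxxxxxxxxxxxxxxxx is a placeholder, explained below
    select into my_tgtid md5(xxxxxxxxxxxxxxxxxx);
    INSERT INTO tgtid values (my_rpno, $1, my_tgtid);
    if not found then
      return my_tgtid;
    end if;
  end if;
  return my_tgtid;
end;
$_$;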
where 'xxxxxxxxxxxxxxxxxx' is some combination of salt, rp and user, e.g.
  xxx..xxx == 'salt1'||$1||my_rpno||'salt2'
Maintenance of the rp table
Any relying party that gets a persistent id in any way must be preloaded into the rp table, and all hosts must have the same rpno/rpid associations. At UW we have a script that parses the attribute filter file whenever it changes. That's as good a place as any to automate the process.
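The sketch below is an added example, not UW's script or code from this page. It models tid2 on three independent hosts to show why identical rpno/rpid associations keep the derived ids in step, and how a comparison of the rp tables catches a host that has drifted. The host names, RP entity ids, salts, user regid and the helper rp_drift are all constructed for illustration, and the id is derived with the 'salt1'||$1||my_rpno||'salt2' form given above.

```python
import hashlib

SALT1, SALT2 = "salt1", "salt2"  # constructed placeholder salts (assumption)

class Host:
    """One host's local database: an rp table and a tgtid table (in-memory stand-in)."""
    def __init__(self, rp):
        self.rp = dict(rp)   # rpid -> rpno
        self.tgtid = {}      # (regid, rpno) -> tgtid

    def tid2(self, regid, rpid):
        """Return the stored id for (user, RP), or derive, store and return a new one."""
        if rpid not in self.rp:
            # In the SQL function my_rpno would be NULL here; refuse instead.
            raise LookupError(f"RP not preloaded in rp table: {rpid}")
        rpno = self.rp[rpid]
        key = (regid, rpno)
        if key not in self.tgtid:
            material = f"{SALT1}{regid}{rpno}{SALT2}"
            self.tgtid[key] = hashlib.md5(material.encode()).hexdigest()
        return self.tgtid[key]

def rp_drift(hosts):
    """Return {rpid: {host: rpno}} for each RP whose rpno differs or is missing on some host."""
    all_rpids = set().union(*(h.rp for h in hosts.values()))
    drift = {}
    for rpid in sorted(all_rpids):
        seen = {name: h.rp.get(rpid) for name, h in hosts.items()}
        if len(set(seen.values())) > 1:
            drift[rpid] = seen
    return drift

# Constructed sample data: idp3 loaded the same RPs with swapped numbers.
SP1 = "https://sp1.example.org/shibboleth"
SP2 = "https://sp2.example.org/shibboleth"
HOSTS = {
    "idp1": Host({SP1: 1, SP2: 2}),
    "idp2": Host({SP1: 1, SP2: 2}),
    "idp3": Host({SP1: 2, SP2: 1}),
}
USER = "0123456789abcdef0123456789abcdef"  # constructed 32-character regid

if __name__ == "__main__":
    for name, host in HOSTS.items():
        print(name, host.tid2(USER, SP1))   # idp1 and idp2 agree, idp3 does not
    print(rp_drift(HOSTS))                  # reports both RPs as inconsistent
```

Running a comparison like rp_drift whenever the rp table is regenerated catches a mismatch before any host hands out a divergent id.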
Attribute Resolver Configuration
The data connector for the persistent id is now a simple relational database connector.
Data Connector
and the definition of EptidDataConnector is in global.xml
eptid bean def