[gatein-issues] [JBoss JIRA] Commented: (GTNPORTAL-1886) Disabling option "associationMembershipType" in idm-configuration.xml when only DB (Hibernate) is used as identity store

Marek Posolda (JIRA) jira-events at lists.jboss.org
Thu Apr 28 05:55:19 EDT 2011 

    [ https://issues.jboss.org/browse/GTNPORTAL-1886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12598676#comment-12598676 ] 

Marek Posolda commented on GTNPORTAL-1886:
------------------------------------------

I've tried to comment this option and do some UI testing and it seems that disabling it does not have any side effects. I am not sure about backward compatibility or other potential things.

> Disabling option "associationMembershipType" in idm-configuration.xml when only DB (Hibernate) is used as identity store
> ------------------------------------------------------------------------------------------------------------------------
>
>                 Key: GTNPORTAL-1886
>                 URL: https://issues.jboss.org/browse/GTNPORTAL-1886
>             Project: GateIn Portal
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Identity integration
>    Affects Versions: 3.1.0-GA
>         Environment: EPP 5.1.0.GA
>            Reporter: Marek Posolda
>            Assignee: Boleslaw Dawidowicz
>            Priority: Minor
>             Fix For: 3.2.0-GA
>
>
> Right now, this option is enabled in idm-configuration.xml with value "member" . It means that when we are creating new membership with type "member", we need to call two picketlink API operations:
> 1) getIdentitySession().getRoleManager().createRole(mt.getName(), user.getUserName(), groupId)
> 2) getIdentitySession().getRelationshipManager().associateUserByKeys(groupId, user.getUserName())
> I think that second call to relationshipManager is redundant and it does not make much sense. We don't need unnamed relationship when we already have named relationship with type "member" created by RoleManager.
> Right now, with option enabled, there are more necessary calls to Picketlink API and also more records in DB. Especially we have 2 records in DB in table "jbid_io_rel" for each membership of type "member" . One with NAME=NULL and one with NAME=2 (member)
> For example: 
> mysql> select jbid_io_rel.* from jbid_io_rel inner join jbid_io on jbid_io.ID=jbid_io_rel.TO_IDENTITY where jbid_io.name like "john";
> +----+---------------+------+-------------+----------+
> | ID | FROM_IDENTITY | NAME | TO_IDENTITY | REL_TYPE |
> +----+---------------+------+-------------+----------+
> | 22 |             3 | NULL |          19 |        1 | 
> | 23 |             3 |    2 |          19 |        2 | 
> | 24 |             4 | NULL |          19 |        1 | 
> | 25 |             4 |    2 |          19 |        2 | 
> | 26 |             8 |    1 |          19 |        2 | 
> +----+---------------+------+-------------+----------+
> 5 rows in set (0,00 sec)

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the gatein-issues mailing list