[gatein-issues] [JBoss JIRA] Resolved: (GTNPORTAL-1886) Disabling option "associationMembershipType" in idm-configuration.xml when only DB (Hibernate) is used as identity store

Boleslaw Dawidowicz (JIRA) jira-events at lists.jboss.org
Tue Aug 16 06:56:18 EDT 2011 

     [ https://issues.jboss.org/browse/GTNPORTAL-1886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Boleslaw Dawidowicz resolved GTNPORTAL-1886.
--------------------------------------------

    Resolution: Rejected


I don't want to remove this option at the moment as if we need to change the way GateIn identity model is mapped to picketlink or provide some migration tools this info may be good to have in database or enable to change implementation internals easier. 

> Disabling option "associationMembershipType" in idm-configuration.xml when only DB (Hibernate) is used as identity store
> ------------------------------------------------------------------------------------------------------------------------
>
>                 Key: GTNPORTAL-1886
>                 URL: https://issues.jboss.org/browse/GTNPORTAL-1886
>             Project: GateIn Portal
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: Identity integration
>    Affects Versions: 3.1.0-GA
>         Environment: EPP 5.1.0.GA
>            Reporter: Marek Posolda
>            Assignee: Boleslaw Dawidowicz
>            Priority: Minor
>             Fix For: 3.2.0-M02
>
>
> Right now, this option is enabled in idm-configuration.xml with value "member" . It means that when we are creating new membership with type "member", we need to call two picketlink API operations:
> 1) getIdentitySession().getRoleManager().createRole(mt.getName(), user.getUserName(), groupId)
> 2) getIdentitySession().getRelationshipManager().associateUserByKeys(groupId, user.getUserName())
> I think that second call to relationshipManager is redundant and it does not make much sense. We don't need unnamed relationship when we already have named relationship with type "member" created by RoleManager.
> Right now, with option enabled, there are more necessary calls to Picketlink API and also more records in DB. Especially we have 2 records in DB in table "jbid_io_rel" for each membership of type "member" . One with NAME=NULL and one with NAME=2 (member)
> For example: 
> mysql> select jbid_io_rel.* from jbid_io_rel inner join jbid_io on jbid_io.ID=jbid_io_rel.TO_IDENTITY where jbid_io.name like "john";
> +----+---------------+------+-------------+----------+
> | ID | FROM_IDENTITY | NAME | TO_IDENTITY | REL_TYPE |
> +----+---------------+------+-------------+----------+
> | 22 |             3 | NULL |          19 |        1 | 
> | 23 |             3 |    2 |          19 |        2 | 
> | 24 |             4 | NULL |          19 |        1 | 
> | 25 |             4 |    2 |          19 |        2 | 
> | 26 |             8 |    1 |          19 |        2 | 
> +----+---------------+------+-------------+----------+
> 5 rows in set (0,00 sec)

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the gatein-issues mailing list