[security-dev] IdentityStore changes

Shane Bryzak sbryzak at redhat.com
Wed Oct 24 22:16:05 EDT 2012


I've made a couple of minor changes to IdentityStore to simplify the API 
as follows:

1) Removed method createUser(String id)

This method was redundant, as the implementation simply delegated to the 
other overloaded method of the same name:

public User createUser(String id) {
   return createUser(new SimpleUser(id));

Also, it would (IMO) be extremely rare for a user to be created without 
any of its other properties or attributes, such as first name, last 
name, e-mail address, etc.  We can still provide a createUser(String) 
method on the IdentityManager interface for the convenience of the User 
(my preference is not to have one at all), but make IdentityManager 
responsible for creating the User instance.

2) Changed return type from createUser(User user) from User to void.

Returning a User from this method when it already accepts a User 
parameter is also redundant.  I tossed up whether we should return a 
boolean instead, but decided against it because if user creation fails 
for whatever reason we should really be throwing an exception instead.

I'll try to make the update to the LDAP identity store myself to reflect 
these changes.  Just a heads up though that there will most likely be 
more changes coming as I discover further shortfalls in the API, so any 
assistance with keeping the various implementations synchronized with 
the API would be greatly appreciated.


More information about the security-dev mailing list