[security-dev] IdentityStore changes

Anil Saldhana Anil.Saldhana at redhat.com
Wed Oct 24 22:22:13 EDT 2012

On 10/24/2012 09:16 PM, Shane Bryzak wrote:
> Guys,
> I've made a couple of minor changes to IdentityStore to simplify the API
> as follows:
> 1) Removed method createUser(String id)
> This method was redundant, as the implementation simply delegated to the
> other overloaded method of the same name:
> public User createUser(String id) {
>     return createUser(new SimpleUser(id));
> }
> Also, it would (IMO) be extremely rare for a user to be created without
> any of its other properties or attributes, such as first name, last
> name, e-mail address, etc.  We can still provide a createUser(String)
> method on the IdentityManager interface for the convenience of the User
> (my preference is not to have one at all), but make IdentityManager
> responsible for creating the User instance.
> 2) Changed return type from createUser(User user) from User to void.
> Returning a User from this method when it already accepts a User
> parameter is also redundant.  I tossed up whether we should return a
> boolean instead, but decided against it because if user creation fails
> for whatever reason we should really be throwing an exception instead.
> I'll try to make the update to the LDAP identity store myself to reflect
> these changes.  Just a heads up though that there will most likely be
> more changes coming as I discover further shortfalls in the API, so any
> assistance with keeping the various implementations synchronized with
> the API would be greatly appreciated.
If the LDAP implementation chokes when you make API changes, add @Ignore
to the tests so that Pedro or I can fix it periodically.
IMO IDM is the most critical piece of the puzzle with the most impact on 
projects. We should try to stabilize the API as quickly as possible. If 
we checkpoint periodically, it will enable projects and quickstarts to 
get developed in parallel.

More information about the security-dev mailing list