[security-dev] Review of IDM API

Jason Porter lightguard.jp at gmail.com
Thu Sep 13 13:24:54 EDT 2012

== Picketlink IDM API Review ==

=== General ===

* We should probably implement a good hashcode and equals for our simple
implementations in the API.

=== AbstractIdentityType / IdentityType ===

* getCreationDate should return a copy / clone of the date
* setAttribute might be easier to use if it were vararg
* getAttribute Would returning the first value be expected? Maybe it should
be renamed to getFirstAttributeValue?
* getAttributeValues should also return a clone of the array

=== Range ===

* The private no args constructor is redundant because there's already a
ctor with args

=== Queries ===

* Maybe it's just me, but these are all a type of query and have some
things in common. It makes sense to me, and we could make things DRY by
pulling those things out into a common interface (maybe also use generics)
and cut down on the implementation a bit.

=== IdentityStore ====

* Having two executeQuery methods, one without the Range would be a little
more user friendly when you don't want to use a range or don't need one.
* I see no point in having all the get, set, remove methods on
IdentityStore. It blurs the line of what you would expect it to do based on
its name and doesn't separate concerns. I would figure it would have
retrieve and store methods for IdentityType, Group, Role and User then
you'd modify those objects as needed and store them when you're done just
like with JPA entities.

=== SecurityConfigurationException / SecurityException ===

* We should remove the ctors that don't set a message. An exception w/o a
message for the user is worthless.

Jason Porter

Software Engineer
Open Source Advocate
Author of Seam Catch - Next Generation Java Exception Handling

PGP key id: 926CCFF5
PGP key available at: keyserver.net, pgp.mit.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/security-dev/attachments/20120913/f903f3bc/attachment.html 

More information about the security-dev mailing list