[security-dev] lookupIdentityById requires preconfigured Tiers

Shane Bryzak sbryzak at redhat.com
Wed Jul 10 22:49:55 EDT 2013

Unfortunately the JPA support isn't working yet, the redesign required a 
total rewrite of JPAIdentityStore which we're working on right now.

On 11/07/13 11:01, Bill Burke wrote:
> I have contributors blocked on me waiting to get a first iteration of
> the backend of my new project.   I don't need a release, just something
> usable on the JPA side of things.   If anything is usable, I can start
> banging on it and help fix bugs or at least identify problems.
> Otherwise, I'll continue improving my git fork of Picketlink to support
> my work.  In the least it will allow me to further learn the current
> (albeit obsolete) Picketlink code and help flush out and find more use
> cases/problems.
> On 7/10/2013 7:55 PM, Shane Bryzak wrote:
>> Bill, you've got to wait until we've merged the PLINK-130 changes back
>> into trunk - pretty much everything has changed now, and we're working
>> extremely hard to get another beta out shortly.  If you want to get a
>> feel for what has changed, the merge branch is here:
>> https://github.com/picketlink/picketlink/tree/merge/PLINK-130
>> By the way we're code-naming the next release "Bill", because it was
>> your use cases that drove all the changes.  Hopefully the work we've
>> done is going to meet your requirements much better than before.
>> On 11/07/13 09:45, Bill Burke wrote:
>>> Ok, I was going to add a getPartitions() method to IdentityStore, but
>>> this just won't scale.  Instead I changed
>>> DefaultIdentityManager.checkIfIdentityTypeExists() to take into account
>>> the identityType's partition id if it is set.  This fixes my grantRole()
>>> problem.
>>> The question is on whether IdentityManager.lookupIdentityById() needs to
>>> be fixed.  If this method is supposed to be scoped to the partition,
>>> then its ok, otherwise it will need to be fixed.
>>> On 7/10/2013 7:12 PM, Bill Burke wrote:
>>>> A problem I just ran into with my dynamic tier creation/deletion is that
>>>> DefaultIdnetityManager.lookupIdentityById() requires that tiers be
>>>> preconfigured and listed in the store's config.  So, if you're doing a
>>>> realm.grantRole() for a dynamically created Tier-based Role, it won't
>>>> work :(
>>>> I'm working on a fix now.
>> _______________________________________________
>> security-dev mailing list
>> security-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/security-dev

More information about the security-dev mailing list