[security-dev] lookupIdentityById requires preconfigured Tiers

Shane Bryzak sbryzak at redhat.com
Wed Jul 10 22:49:55 EDT 2013


Unfortunately the JPA support isn't working yet; the redesign required a 
total rewrite of JPAIdentityStore, which we're working on right now.

On 11/07/13 11:01, Bill Burke wrote:
> I have contributors blocked on me waiting to get a first iteration of
> the backend of my new project. I don't need a release, just something
> usable on the JPA side of things. If anything is usable, I can start
> banging on it and help fix bugs or at least identify problems.
>
> Otherwise, I'll continue improving my git fork of Picketlink to support
> my work.  In the least it will allow me to further learn the current
> (albeit obsolete) Picketlink code and help flush out and find more use
> cases/problems.
>
> On 7/10/2013 7:55 PM, Shane Bryzak wrote:
>> Bill, you've got to wait until we've merged the PLINK-130 changes back
>> into trunk - pretty much everything has changed now, and we're working
>> extremely hard to get another beta out shortly.  If you want to get a
>> feel for what has changed, the merge branch is here:
>>
>> https://github.com/picketlink/picketlink/tree/merge/PLINK-130
>>
>> By the way we're code-naming the next release "Bill", because it was
>> your use cases that drove all the changes.  Hopefully the work we've
>> done is going to meet your requirements much better than before.
>>
>> On 11/07/13 09:45, Bill Burke wrote:
>>> Ok, I was going to add a getPartitions() method to IdentityStore, but
>>> this just won't scale.  Instead I changed
>>> DefaultIdentityManager.checkIfIdentityTypeExists() to take into account
>>> the identityType's partition id if it is set.  This fixes my grantRole()
>>> problem.
>>>
>>> The question is on whether IdentityManager.lookupIdentityById() needs to
>>> be fixed.  If this method is supposed to be scoped to the partition,
>>> then it's OK, otherwise it will need to be fixed.
>>>
>>> On 7/10/2013 7:12 PM, Bill Burke wrote:
>>>> A problem I just ran into with my dynamic tier creation/deletion is that
>>>> DefaultIdentityManager.lookupIdentityById() requires that tiers be
>>>> preconfigured and listed in the store's config.  So, if you're doing a
>>>> realm.grantRole() for a dynamically created Tier-based Role, it won't
>>>> work :(
>>>>
>>>> I'm working on a fix now.
>>>>