[security-dev] how to model services managed by a realm

Bill Burke bburke at redhat.com
Mon Jun 10 18:28:05 EDT 2013

I'm trying to figure out how to do the following scenario with the 
IdentityManager API:

* A realm with N users
* A realm which manages X applications
* Each application has Y roles
* Users have role mappings for each of those roles

I'll need to be able to query:

* What are the applications in the realm
* What roles does a service have
* What are the role mappings for each service for a particular user

It looks like a Role only has a name.  So, I can't have "admin" role for 
each of my services and different role mappings per service.  Would I 
have to model this as different "partitions"?  I see that you can create 
"partitions", but how do you create relationships between "partitions" 
or share users between partitions?

Bill Burke
JBoss, a division of Red Hat

More information about the security-dev mailing list