[security-dev] how to model services managed by a realm

Shane Bryzak sbryzak at redhat.com
Tue Jun 11 23:27:08 EDT 2013


I'm currently working on some changes that will allow you to create a 
custom Partition type, so you'll be able to do something like this:

@IdentityPartition(supportedTypes = {Role.class, Group.class})
public class Application implements Partition {
     private String id;
     private String name;

     // snip getters/setters

The supportedTypes member of the annotation allows you to define which 
identity types can be persisted in your particular partition implementation.

I'll also be changing the Partition interface to extend AttributedType 
(which has getAttribute/setAttribute methods), so it will support 
setting arbitrary attribute values for partitions, as well as being able 
to declare formal attributes on the partition implementation itself.

I'm a bit unclear about the use case for associating a Realm with Tiers 
- could you please elaborate on this?

On 12/06/13 00:14, Bill Burke wrote:
> On 6/11/2013 10:00 AM, Pedro Igor Silva wrote:
>>> Then another problem with your suggestion is, for a given Realm, how do
>>> I find out the associated Tiers?  I'm not seeing any examples or code
>>> that allows me to do this.
>> I think we don't support this kind of query. But you can always get all users, groups or roles for a specific partition.
> Maybe create a default Agent within the realm and set an attribute which
> contains the related tiers?
> Would be nice to be able to associate a tier with a realm and be able to
> query to find out which tiers are associated with a realm.  Also, it
> would be nice to be able to define attributes for a tier or realm.  I
> guess the only way to do this would again be to create a default Agent
> that has the attributes you need to set.

More information about the security-dev mailing list