<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">I've read through the gist and my
comments are inline:<br>
<br>
<br>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<blockquote>
<h1 style="margin: 0px 0px 10px; padding: 0px; line-height:
1.4em; font-weight: bold; -webkit-font-smoothing: antialiased;
cursor: text; position: relative; font-size: 28px; color:
rgb(0, 0, 0); font-family: helvetica, arial, freesans, clean,
sans-serif; font-style: normal; font-variant: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">Developer Side Notes</h1>
<h2 style="margin: 0px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style:
solid; border-bottom-color: rgb(204, 204, 204); color: rgb(0,
0, 0); font-family: helvetica, arial, freesans, clean,
sans-serif; font-style: normal; font-variant: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a name="definitions"
class="anchor"
href="https://gist.github.com/3801805#definitions"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196);
text-decoration: none; display: block; cursor: pointer;
position: absolute; top: 0px; left: 0px; bottom: 0px; "></a>Definitions</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica, arial, freesans, clean, sans-serif; font-size:
14px; font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">
<p style="margin: 0px 0px 15px; padding: 0px; line-height:
1.4em; ">What is the difference between getKey() and
getId() methods. Can we have getId() on the IdentityType ?</p>
<p style="margin: 15px 0px; padding: 0px; line-height:
1.4em; ">I think we can associate the getKey with the
username, for example. The getId can be used to let stores
identify the user internally, like a generated identifier
or something.</p>
<p style="margin: 15px 0px; padding: 0px; line-height:
1.4em;">Another option is have a getName method on User
type and remove the getKey. That way we have User.getId
and User.getName. Remember that other IdentityTypes like
Role and Group have a getName method.</p>
</li>
</ul>
</blockquote>
<p><br>
The getKey() method returns a "globally" unique identifier for
that identity object. E.g. for a group called "admins" the key
would be "GROUP://admins", for a user called jsmith the key
would be "USER://jsmith". We need this distinction because
permissions can be stored against users, groups, or roles using
their key and we need a reliable way to map this value back to
the actual identity object. The getId() method is specific to
certain identity types, such as User (in which case the id is
their user ID, i.e. "jsmith") or Group (where the id is the full
hierarchy of the group, e.g. "/branches/headoffice/managers").<br>
<br>
</p>
<blockquote>
<h2 style="margin: 20px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style:
solid; border-bottom-color: rgb(204, 204, 204); color: rgb(0,
0, 0); font-family: helvetica, arial, freesans, clean,
sans-serif; font-style: normal; font-variant: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a name="api-design"
class="anchor"
href="https://gist.github.com/3801805#api-design"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196);
text-decoration: none; display: block; cursor: pointer;
position: absolute; top: 0px; left: 0px; bottom: 0px; "></a>API
Design</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">
<p style="margin: 0px 0px 15px; padding: 0px; line-height:
1.4em; ">Method IdentityManager.grantRole(role,
identityType, group) can be split in:</p>
<ul style="margin: 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;
">IdentityManager.grantRole(role, user)</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em;
">IdentityManager.grantRole(role, group)</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em;
">IdentityManager.addMember(group, identityType)</li>
</ul>
<p style="margin: 15px 0px; padding: 0px; line-height:
1.4em;">Same thing for revokeRole(role, identityType,
group), hasRole(role, identityType, group)</p>
</li>
</ul>
</blockquote>
<p><br>
</p>
<p>The role management methods could probably do with some
improvement. For one thing we don't have explicit support for
application roles yet. I would suggest something like the
following methods:<br>
</p>
<p>IdentityManager.grantRole(IdentityType member, Group parent,
String roleName)<br>
IdentityManager.grantApplicationRole(IdentityType member, String
roleName)<br>
</p>
<p><br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">
<p style="margin: 0px 0px 15px; padding: 0px; line-height:
1.4em; ">Customization of ldap attributes and db stuff
based on preexisting DBs and LDAP stores. For databases
there is some working done in previous versions of
PicketLink IDM.</p>
</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">
<p style="margin: 0px 0px 15px; padding: 0px; line-height:
1.4em;">Serialization of User, Role, Group and Membership
types. I think is important to make those classes work in
a clustered environment.</p>
</li>
</ul>
</blockquote>
<p><br>
+1, we should make these interfaces Serializable<br>
</p>
<p><br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica, arial, freesans, clean, sans-serif; font-size:
14px; font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">
<p style="margin: 0px 0px 15px; padding: 0px; line-height:
1.4em;">The IdentityManager provides two methods for
creating groups providing the parent: createGroup(String,
Group) and createGroup(String, String). Maybe we can have
only createGroup(String, Group) considering that the
parent must be always created.</p>
</li>
</ul>
</blockquote>
<p><br>
+1, good idea<br>
<br>
</p>
<blockquote>
<h2 style="margin: 20px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style:
solid; border-bottom-color: rgb(204, 204, 204); color: rgb(0,
0, 0); font-family: helvetica, arial, freesans, clean,
sans-serif; font-style: normal; font-variant: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a name="query-api-design"
class="anchor"
href="https://gist.github.com/3801805#query-api-design"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196);
text-decoration: none; display: block; cursor: pointer;
position: absolute; top: 0px; left: 0px; bottom: 0px; "></a>Query
API Design</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">Common
interface and base class for UserQuery, RoleQuery,
GroupQuery and MembershipQuery interfaces/implementations.</li>
</ul>
</blockquote>
<p>+1, all the common stuff should go in a base interface<br>
<br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">Do
we need the *Query.executeQuery(query, range) method ? We
already have the *Query.executeQuery().</li>
</ul>
</blockquote>
<p>I don't think we need this, the range can be set explicitly on
the Query object.<br>
<br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">We
can also have a *Query.executeQuery(range) method to
configure how the query is executed. Instead of always force
the range argument.</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">The
UserQuery interface defines a getName method, but there is
no such method/property in the User interface. Should we map
the UserQuery.getName to User.getKey ? This item is related
with item #1 from the Definitions section.</li>
</ul>
</blockquote>
<p>This should probably be getId() instead.<br>
<br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica, arial, freesans, clean, sans-serif; font-size:
14px; font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">Add
support to query users by creation and expiration date.
There are not methods in the UserQuery to search using these
attributes.</li>
</ul>
</blockquote>
<p><br>
+1, this is a good idea<br>
</p>
<blockquote>
<h2 style="margin: 20px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style:
solid; border-bottom-color: rgb(204, 204, 204); color: rgb(0,
0, 0); font-family: helvetica, arial, freesans, clean,
sans-serif; font-style: normal; font-variant: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a
name="messages-and-logging" class="anchor"
href="https://gist.github.com/3801805#messages-and-logging"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196);
text-decoration: none; display: block; cursor: pointer;
position: absolute; top: 0px; left: 0px; bottom: 0px; "></a>Messages
and Logging</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">Better
exception hierarchy and handling</li>
</ul>
</blockquote>
<p>+1, we should also define a list of error codes, I'll ask Pete
for some advice on this.<br>
<br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica,arial,freesans,clean,sans-serif; font-size: 14px;
font-style: normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px;">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">JBoss
Logging for messages/exceptions and log messages</li>
</ul>
</blockquote>
<p><br>
My concern here is how we integrate the logging in an SE module
with CDI. It would be nice to provide some kind of i18n
support, maybe Jason would have some suggestions as to how we
best achieve this.<br>
<br>
</p>
<blockquote>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family:
helvetica, arial, freesans, clean, sans-serif; font-size:
14px; font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em;">More
logging code (warn, info, error and debug levels)</li>
</ul>
</blockquote>
<p><br>
+1, comprehensive logging is always good<br>
<br>
</p>
<h2 style="margin: 20px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style: solid;
border-bottom-color: rgb(204, 204, 204); color: rgb(0, 0, 0);
font-family: helvetica, arial, freesans, clean, sans-serif;
font-style: normal; font-variant: normal; letter-spacing:
normal; orphans: 2; text-align: left; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a name="configuration"
class="anchor"
href="https://gist.github.com/3801805#configuration"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196); text-decoration:
none; display: block; cursor: pointer; position: absolute;
top: 0px; left: 0px; bottom: 0px; "></a>Configuration</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family: helvetica,
arial, freesans, clean, sans-serif; font-size: 14px; font-style:
normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">Review
the builder code ? Use xml or something else ?</li>
</ul>
<h2 style="margin: 20px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style: solid;
border-bottom-color: rgb(204, 204, 204); color: rgb(0, 0, 0);
font-family: helvetica, arial, freesans, clean, sans-serif;
font-style: normal; font-variant: normal; letter-spacing:
normal; orphans: 2; text-align: left; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a name="documentation"
class="anchor"
href="https://gist.github.com/3801805#documentation"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196); text-decoration:
none; display: block; cursor: pointer; position: absolute;
top: 0px; left: 0px; bottom: 0px; "></a>Documentation</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family: helvetica,
arial, freesans, clean, sans-serif; font-size: 14px; font-style:
normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">Start
to document what we have so far</li>
</ul>
<h2 style="margin: 20px 0px 10px; padding: 0px; line-height:
1.4em; font-size: 24px; font-weight: bold;
-webkit-font-smoothing: antialiased; cursor: text; position:
relative; border-bottom-width: 1px; border-bottom-style: solid;
border-bottom-color: rgb(204, 204, 204); color: rgb(0, 0, 0);
font-family: helvetica, arial, freesans, clean, sans-serif;
font-style: normal; font-variant: normal; letter-spacing:
normal; orphans: 2; text-align: left; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; "><a name="feature-proposal"
class="anchor"
href="https://gist.github.com/3801805#feature-proposal"
style="margin: 0px 0px 0px -30px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(65, 131, 196); text-decoration:
none; display: block; cursor: pointer; position: absolute;
top: 0px; left: 0px; bottom: 0px; "></a>Feature Proposal</h2>
<ul style="margin: 15px 0px; padding: 0px 0px 0px 30px;
line-height: 1.4em; color: rgb(0, 0, 0); font-family: helvetica,
arial, freesans, clean, sans-serif; font-size: 14px; font-style:
normal; font-variant: normal; font-weight: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; ">
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">Password
Management API. Support different credentials and management
features (reset, strength, etc)</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">IDM
example appplication</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">REST
endpoints for the IdentityManager. As Anil suggested.</li>
<li style="margin: 0px; padding: 0px; line-height: 1.4em; ">Event
Handling. Which events should be supported (user account
created/removed/updated/expired, membership
created/removed/update, etc) ?</li>
</ul>
<br>
<br>
<br>
On 09/10/12 02:23, Anil Saldhana wrote:<br>
</div>
<blockquote cite="mid:5072FE0F.7080804@redhat.com" type="cite">
<pre wrap="">Hi all,
I am wondering if we can hold a discussion on the IDM API so we lock it
down in the next couple of weeks.
Recently, Pedro created the following gist page.
<a class="moz-txt-link-freetext" href="https://gist.github.com/3801805">https://gist.github.com/3801805</a>.
Regards,
Anil
_______________________________________________
security-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:security-dev@lists.jboss.org">security-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/security-dev">https://lists.jboss.org/mailman/listinfo/security-dev</a>
</pre>
</blockquote>
<br>
<br>
</body>
</html>