[jboss-dev-forums] [Design of JBoss Identity] - Re: typed interface of identity api

For the first point I agree it could be improved to avoid unnecessary calls. Like I mentioned in the other post (http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4209457#...) I'm still thinking a bit about how IDs should be handled. Actually currently in both IdentityStore implementation the IdentityObject name is required to be unique per IdentityObjectType. This makes any IdentityObject uniquely identified by pair of name/type. Translating this into the API language: - Identity is uniquely identified by its name - Group is uniquely identified by name/GroupType pair. Therefore current String ID is mostly only internal IdentityStore information that lets to retrieve such object efficiently (directly - without additional queries). Maybe it would make sense to let use those information in API more directly? Something like: - associateGroups(GroupType parentType, String, parentName, GroupType childType, String childName) or use other object to embedd those information (name/type + optionally store internal id) and let construct it without need to fetch anything from the store... I'm open for suggestions... For the second issue regarding the role association: The main problem is to keep in mind that some of IdentityStore implementations won't support roles at all (simple LDAP tree shape is the perfect example). That's why I want to distinguish it in the API. However I'm still thinking about adding switches to RelationshipManager methods to also fetch roles in "findAssociatedXXX()" methods and will probably go this way... need to check if it doesn't make additional complications internally and keeps the API consistent. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4209472#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...