On 9/6/2013 5:59 PM, Marek Posolda wrote:
Actually in RealmModel there are methods:
String getId();
String getName();
void setName(String name);
and in KeycloakSession there are methods:
RealmModel createRealm(String name);
This will autoomatically generate an ID.
RealmModel createRealm(String id, String name);
Allows you to provide an ID and name when creating a realm. Great for
setting up our demo example application!
RealmModel getRealm(String id);
There is also quite strange mapping as model attribute "id" is mapped in
Picketlink partition as "name" and model attribute "name" is mapped
in
Picketlink as "realmName" (I used something similar for my MongoDB
prototype as well).
Picketlink is messed up a little. It has the an "ID" attribute, but you
search based on a "name". This is why Keycloak-PL code is modelled a
little strangely. I don't know if they have fixed this in the latest PL
releases.
I wonder if it's really needed to have both "id" and
"name" in model?
In Keycloak model, yes. It is necessary. If we have a SaaS service
that hosts multiple companies, then the ID will prevent name clashes.
Picketlink allows to search Partitions by "name"
(represented in
Keycloak as "id"), so I think that it should be good enough to have in
model just "name" and map it to Picketlink "name".
No. See above. "Name" in Keycloak is non-unique. "name" must be
unique in Picketlink partitions. Again, I think this is just a bug on
their part.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com