Re: [security-dev] deleting a partition
On 6/14/2013 2:19 PM, Pedro Igor Silva wrote:
Ok, the reason is why this is a critical operation which involves
removing critical data. That said, I don't think we should do that, like I said,
"automatically".
But again, you give no reason :) Sure its critical data, but everything
in the IDM is critical data.
You can always use the following construct to query all identity
types:
IdentityQuery<IdentityType> query =
identityManager.createIdentityQuery(IdentityType.class); // here we use the base type to
create the query
query.setParameter(IdentityType.PARTITION, Realm.DEFAULT_REALM); // or
query.setParameter(IdentityType.PARTITION, "Another Partition")
List<IdentityType> result = query.getResultList();
for (IdentityType type: result) {
// remove
}
So, the above can be done at a higher level and not have to be done at
each IdentityStore? There's no potential for duplicate entries in a
federated store?
I understand your point and it is valid. My opinion is just we should
leave that for users.
Who is the user? The admin UI on top of Picketlink IDM API?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com