Bill, you've got to wait until we've merged the PLINK-130 changes back into trunk - pretty much everything has changed now, and we're working extremely hard to get another beta out shortly. If you want to get a feel for what has changed, the merge branch is here:

https://github.com/picketlink/picketlink/tree/merge/PLINK-130

By the way we're code-naming the next release "Bill", because it was your use cases that drove all the changes. Hopefully the work we've done is going to meet your requirements much better than before.

On 11/07/13 09:45, Bill Burke wrote:

Ok, I was going to add a getPartitions() method to IdentityStore, but this just won't scale. Instead I changed DefaultIdentityManager.checkIfIdentityTypeExists() to take into account the identityType's partition id if it is set. This fixes my grantRole() problem. The question is on whether IdentityManager.lookupIdentityById() needs to be fixed. If this method is supposed to be scoped to the partition, then its ok, otherwise it will need to be fixed. On 7/10/2013 7:12 PM, Bill Burke wrote:

A problem I just ran into with my dynamic tier creation/deletion is that DefaultIdnetityManager.lookupIdentityById() requires that tiers be preconfigured and listed in the store's config. So, if you're doing a realm.grantRole() for a dynamically created Tier-based Role, it won't work :( I'm working on a fix now.