On 01/18/2013 12:24 PM, Pedro Igor Silva wrote:
Hi All,
Would like to know your opnion about how we're storing identity information
using the File-based Identity Store and discuss possible alternatives.
Just for background, the motivation behind the file-based store is to provide a
fast, ready-to-use and simple store, ideally for test and development
scenarios/environments. The configuration is minimal and requires the file system.
A
potential usage is in JBossAS which may not have default configuration
for databases and ldap. In that case, we have to worry about the
serialization issues with files and versions.
Today we're basically serializing objects (JDK Serialization
API) and storing them into files. The layout is quite simple:
/tmp/pl-idm/:
total 4
drwxrwxr-x. 2 pedroigor pedroigor 140 Jan 18 15:20
65d62693-953c-43a6-ac43-4b655174bbb4 ----> Each Partitions has its own directory
-rw-rw-r--. 1 pedroigor pedroigor 554 Jan 18 15:20 pl-idm-partitions.db ---->
Serialized data for partitions
-rw-rw-r--. 1 pedroigor pedroigor 0 Jan 18 15:20 pl-idm-relationships.db
----> Serialized data for Relationships
/tmp/pl-idm/65d62693-953c-43a6-ac43-4b655174bbb4: ----> Partition directory.
total 8
-rw-rw-r--. 1 pedroigor pedroigor 789 Jan 18 15:20 pl-idm-agents.db ---->
Serialized data for Agents
-rw-rw-r--. 1 pedroigor pedroigor 1134 Jan 18 15:20 pl-idm-credentials.db
----> Serialized data for Credentials
-rw-rw-r--. 1 pedroigor pedroigor 0 Jan 18 15:20 pl-idm-groups.db ---->
Serialized data for Groups
-rw-rw-r--. 1 pedroigor pedroigor 0 Jan 18 15:20 pl-idm-roles.db ---->
Serialized data for Roles
Serialization provides us a fast way to store data, but I have some concerns that I
want to share:
- As we're serializing objects, we may have to ensure compatibility with
prior versions. I think Version Control is a option here (btw, Stuart Douglas gave me some
tips about that).
- Is better to use JBoss Marshalling instead of using the JDK Serialization API
directly ? Mainly considering the JBoss ecosystem ?
- Is there a better format to store data ? Such as XML ...
Compared to
Java serialization, XML would be painful.
- I had some discussions with Shane about using Infinispan.
We agreed that the IDM cache will be ISPN-based, that is fine. But maybe a ISPN-based
store can fits well too. ISPN allows to store data using different CacheStore
implementations, transaction support, indexing, distributable or local storage, etc.
The Default cache should be ISPN. But I am not sold on a ISPN store.
ISPN File Cache Store instead of IDM FileStore Implementation is a
option. But JDBCCacheStore probably not.