Re: [security-dev] PicketLink 3 IDM - Avoiding Knowledge of the IdentityStore
On 12/01/2012 10:51 PM, Darran Lofthouse wrote:
Working further with the API one thing that I notice is that is that
although basic access to load IdentityTypes can be performed using the
generic interfaces adding new identities seems to require a knowledge of
the store to select the correct type.
As an example from what I can see to add a user to the
FileBasedIdentityStore I need to add a FileUser - is this correct or am
I missing something?
This isn't correct; as long as you code to the interfaces the
IdentityStore should support it - if it doesn't then it's a bug. You
shouldn't require any specific knowledge about the IdentityStore
implementations, in fact it's preferable that the developer isn't even
aware of them (although this isn't possible because they actually need
to be configured).
What I would hope to see is that a client of the API can be written to
be completely independent of the IdentityStore so should the
IdentityStore be switched the client would remain mostly unchanged.
This is exactly how it should work.
Regards,
Darran Lofthouse.
_______________________________________________
security-dev mailing list
security-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev