[jboss-dev-forums] [Design of JBoss Portal] - Re: Architecture : CMS and Identity for authorization on doc

sohil.shah@jboss.com do-not-reply at jboss.com
Mon Aug 13 16:12:23 EDT 2007 

anonymous wrote : 
  | If I understand well :
  |  - the users and roles are synchronised from the LDAP to the DB
  |  - then, we use hibernate to have the cache feature on users and roles requests
  | 
  | so we get good performance, thanks to this replication of data + hibernate caching feature.
  | 
  | I still think that is quiet a heavy way to have some cached users and roles.
  | 
  | May be it could be interesting to have a cache (jboss cache) on the users and roles directly.
  | with clustered HA feature to.
  | It could rely also from the events of LDAP synchronisation.
  | 
  | This would be an enhancement (for performance) of the identity service, while keeping the (nice) independance of users and roles from the implementation behind (DB, LDAP... EJB3 later ?).
  | 
  | And also avoid a heavy drawback : in High Availability, having a replication of data from LDAP to a DB is not a nice thing, if the purpose is just "caching with hibernate".
  | One more DB in HA is a lot of prod work, and a weak part more.
  | 
  | I guess this is new and will evolved when it is time.
  | I can customize a users and roles module too.
  | I wish I can and contribute with it.
  | but I don't see any opportunity (and time) to do that before... a long time.
  | 

As a follow up to your post on the JIRA task, this strategy would be hidden as an implementation details of the Identity Modules (UserModule, RoleModule etc), as I stated earlier in my post on the JIRA task.

The HSQL based optimization/caching will apply only to the core DB based IdentityModule implementations that we ship out-of-the-box with the Portal. For other Identity Modules it will fall back to retrieving Identity Data via Identity interfaces and any performance related optimizations in that case will be delegated to the actual implementation and not to the CMS Security engine.

Thanks
 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4073717#4073717

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4073717

More information about the jboss-dev-forums mailing list