[jboss-dev-forums] [Design of JBoss Identity] - Re: User in API, User for business process in companies

bdaw do-not-reply at jboss.com
Thu Feb 12 07:21:22 EST 2009 

The main problem with the design and ids is that the framework provides something like a federation of the identity stores. So it is not only that you can have two different stores with different objects used to serve as the real ID (eg. Hibernate - Long, LDAP - String DN). When one store is not capable to persist all needed identity attributes (LDAP and limited schema for user profile) then such identity need to be synced into default store (hibernate) to keep the rest of the info. Therefore it can be a bit tricky to handle different ID Object types between API and SPI store repository level in an efficient way. 

As you mentioned the intention behind the project is to provide same API/model for different JBoss projects. Before alpha1 was pushed and discussion moved into the forums we had some internal discussion between various projects. Pre alpha ID was pure Object and this was one of the concerns rised by JBPM team. As they store id reference to users using generic IDs would require them to support every store implementation separately. That is the main reason why in the Alpha1 API we have IdentityType ID as String.

As I see now the hardest part for the framework and API design is to address well both basic and complex needs without adding too much unnecessary overhead to the first and too much constraints to the second ones ... 

I'm still thinking about how to improve the design for the IDs in the current. One of the issues in the SPI level is that IdentityStoreRepository has no way to recognize to which mapped IdentityStore given ID belongs. Currently ID is just a String representation of id from actual store (so String representation of Long for Hibernate store). I'm thinking about encoding internally more information into String ID like:
- Realm name
- Repository id
- IdentityStore id
- Actual internall store id value

Then it would be decoded on the IdentityStoreRepository level and let to handle IDs in a more efficient way.

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4209457#4209457

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4209457

More information about the jboss-dev-forums mailing list